Tag Archive for: Bill

Bill gives school districts resources to guard against cyberattacks

/in


Cybersecurity Act

Courtesy

President Joe Biden signs S. 1917 The K-12 Cybersecurity Act of 2021, Friday. Oct. 8, 2021, in the Oval Office of the White House. (Official White House Photo by Adam Schultz)

By Jessica Hill (contact)

Updated Friday, Oct. 8, 2021 | 3:36 p.m.

A hacker published Clark County School District records, including employee Social Security numbers and student names, addresses and grades, after a ransomware attack on the school system in August 2020.

The bipartisan K–12 Cybersecurity Act of 2021, signed into law today by President Joe Biden, will give resources to school districts to help them protect themselves against cyberattacks.

“This is what we do best when we come together,” said Sen. Jacky Rosen, D-Nev., who co-sponsored the bill following the attack on Clark County School District, the fifth largest school district in the United States. “It’s going to direct the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency to do a deep dive to report on vulnerabilities in school districts across the country.”

The agency will study challenges schools face in keeping their information systems and sensitive student and employee records safe, the bill states.

“Cyber Security issues have affected public schools throughout the nation and CCSD works to make sure our students, their families, and district employees’ information is secure from cyber criminals,” the district said in a statement.

The criminal data breach against CCSD was “unacceptable,” Rosen said. After the district refused to pay a ransom, the hacker published the sensitive documents online.

Other vulnerable entities across the country also have become victims of ransomware attacks, which are happening more frequently, Rosen said. In such attacks, hackers lock up computer data and demand a ransom to release it.

In 2020, 1,681 schools, colleges and universities in the U.S. and 560 health care facilities were victims of ransomware attacks, according to the Emsisoft Malware Lab.

University Medical Center reported a hacking incident this summer that impacted about 1.3 million people. The victims’ driver’s license, Social…

Source…

Senate Bill to Mandate Cyberattack, Ransomware Payment Reporting

/in


Energy companies, banks and other critical infrastructure operators would have to report cybersecurity incidents and ransomware payments to the federal government under legislation introduced Tuesday.

Senate Homeland Security and Governmental Affairs Chairman Gary Peters (D-Mich.) and ranking member Rob Portman (R-Ohio) are unveiling a bipartisan bill to require critical infrastructure operators to notify the Cybersecurity and Infrastructure Security Agency within at least 72 hours of experiencing a cyberattack, according to details shared with Bloomberg Government.

The measure would also require other organizations—including nonprofits, businesses with more than 50 employees and state and local governments—to notify the federal government within 24 hours if they make a ransom payment following a ransomware attack.

“When entities — such as critical infrastructure owners and operators — fall victim to network breaches or pay hackers to unlock their systems, they must notify the federal government so we can warn others, prepare for the potential impacts, and help prevent other widespread attacks,” Peters said in a press statement.

Companies Must Report Ransomware, Cyberattacks in Senate Measure

The Biden administration’s top cybersecurity officials, CISA Director Jen Easterly and National Cyber Director Chris Inglis, backed a draft version of the measure during a committee hearing last week.

Biden Cyber Officials Back Breach Incident Reporting Mandate

The Senate bill is similar to legislation from House Homeland Security Chair Bennie Thompson (D-Miss.) and Reps. Yvette Clarke (D-N.Y.) and John Katko (R-N.Y.), which was included in an amendment to the House version of the fiscal 2022 National Defense Authorization Act (H.R. 4350) passed on Sept. 23. The House bill doesn’t mandate reporting of ransom payments.

Cyber Incident Reporting by Industry Mandated in Draft Bill

Peters said he plans to mark up the legislation and is considering the Senate version of the defense policy bill as a potential vehicle to advance the measure on the Senate floor, he told Bloomberg Government last week.

To contact the reporter on this story: Rebecca…

Source…

Cyber Security Bill: End of the road for internet hackers and social media abusers

/in



Government has moved a step closer to closing the net on cyber criminals after the Cyber Security and Data Protection Bill was passed in parliament this Tuesday.

The clock is ticking for cyber criminals as the government is finalising a policy document that will effectively curb cyber-related offences and provide data protection for citizens.

United Kingdom based Cyber Security expert, Dr Samuel Chindaro is confident the Bill which now awaits Presidential assent will be pivotal in addressing the scourge of internet hacking and card cloning, among other illicit cyber activities that have bled the economy of millions of dollars.

“This was a long overdue process and I believe this is one of the avenues where government will be able to seriously address cyber-crimes that have seriously exposed both corporates and individuals,” he said.

According to data from the country’s specialised serious crimes unit, computer generated crimes have seen millions of dollars being siphoned from local companies and individuals.

The Cyber Security Report 2021 released last week reveals that Zimbabwe is among Africa countries facing the most common cyber security threats such malware, web-application attacks, email phishing and impersonation, identity theft, data breaches and denial of services.

If signed into law, the Cyber Bill which amends the country’s criminal code for cyber-crime will provide for the investigation and collection of evidence and data breaches, resulting in the admissibility of electronic evidence in court.

– ZBC




Source…

PJCIS asks for Australia’s ‘hacking’ Bill to gain judicial oversight and sunset clauses

/in


The Parliamentary Joint Committee on Intelligence and Security (PJCIS) has recommended the passage of the so-called “hacking” Bill that will afford three new computer warrants to two Australian law enforcement bodies, providing its 33 other recommendations are met.



a close up of a bottle: According to Peter Dutton, this badge has nothing to do with ACT Policing, even though it is on statements relating to a lack of metadata authorisation.

© (Image: ACT Policing)

According to Peter Dutton, this badge has nothing to do with ACT Policing, even though it is on statements relating to a lack of metadata authorisation.


The Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020, if passed, would hand the Australian Federal Police (AFP) and the Australian Criminal Intelligence Commission (ACIC) the new warrants for dealing with online crime.

Loading...

Load Error

The first of the warrants is a data disruption one, which according to the Bill’s explanatory memorandum, is intended to be used to prevent “continuation of criminal activity by participants, and be the safest and most expedient option where those participants are in unknown locations or acting under anonymous or false identities”.

The second is a network activity warrant that would allow the AFP and ACIC to collect intelligence from devices that are used, or likely to be used, by those subject to the warrant.

The last warrant is an account takeover warrant that would allow the agencies to take control of an account for the purposes of locking a person out of the account.

The Bill has been criticised for its “wide-ranging” and “coercive” powers by the Office of the Australian Information Commissioner (OAIC), human rights lawyers have asked the Bill be re-drafted, and the likes of Twitter have labelled parts of the proposed Bill as “antithetical to democratic law”.

After considering all the submissions made and testimonies provided on the Bill, the PJCIS in its report [PDF] has called for some tweaks, such as amending the Bill to provide additional requirements on the considerations of the issuing authority to ensure the offences are reasonably serious and proportionality is maintained.

“The effect of any changes should be to strengthen the issuing criteria and ensure the powers are being used for the most serious of offending,” it added.

The committee wants the issuing authority for…

Source…