According to a new US Senate committee report, the US government lacks comprehensive data on ransomware attacks, and the reporting that does exist is relatively scattered. The US Senate Homeland Security and Governmental Affairs Committee recently released the 51-page report, which calls on the government to quickly implement the new mandate requiring federal agencies and critical infrastructure organizations to report when they are hit by ransomware, as well as any ransom paid.
To write the report, the committee conducted a 10-month investigation focused on the role of cryptocurrency in ransomware payments. It found that reporting of attacks was "fragmented and incomplete", in part because both the FBI and CISA claim to offer a "one-stop" service for reporting attacks: IC3.gov and StopRansomware.gov, respectively.
The new law requires critical infrastructure organizations to report cyber attacks to CISA within 72 hours and ransomware within 24 hours. CISA said in March that it would immediately share incident reports with the FBI, but the investigation found that this arrangement was flawed.
"Although these institutions stated that they shared data with each other, in discussions with committee staff, ransomware incident response companies questioned the effectiveness of such communication channels in assisting victims of attacks," the report said.
In addition to the dual reporting channels of the FBI and CISA, the Treasury Department's FinCEN, the Transportation Security Administration and the Securities and Exchange Commission also have sector-specific reporting systems, and reports also come in through FBI field offices and some state governments. "These institutions do not uniformly capture, classify or publicly share information," the report said.
The report pointed out that experts consider the FBI's IC3 data on ransomware to be a "subset" of the data. In its annual IC3 report, the FBI admitted that its ransomware data was "artificially low" because victims report incidents to the FBI only voluntarily. At the same time, FBI field offices, which collect reports from ransomware victims, lost contact with about 25% of the victims during follow-up investigations.