Overview of the Biden administration’s cyberattacks:
- Who: The Biden administration is looking to partner with private sector companies.
- Why: Cybersecurity leaders want to work with businesses against cyberattacks by sharing information about hacks and breaches faster.
- Or: The call for partnership reaches businesses and consumers nationwide.
At the Global Privacy Summit in Washington, DC, government officials urged private companies to consider them as a partner against cyberattacks to better respond and protect against hacking.
Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), and Herb Stapleton, special agent in charge of the FBI’s Indianapolis field office, both urged organizations to report cyber breaches to CISA and the FBI and promised not to use such reports. as an incentive for legal action against companies.
“At the end of the day, we’re not here to name, shame, blame, kill anyone’s reputation, stab the injured, are we?” Eastly said. “We’re actually here to help.”
Hack reports won’t be shared with private sector regulators, agencies say
Easterly and Stapleton emphasized that their agencies will not share data from breach reports with the Federal Trade Commission (FTC) or the U.S. Securities and Exchange Commission (SEC).
The data will be used to help victims of the breach, as well as other potential victims of being hacked in the future.
Easterly noted, however, that if companies were found to lack even the bare minimum of cyber protections, regulatory action would likely be taken. Partnership is not a promise of “full absolution”.
“I think we have to keep in mind that not everyone should get a free pass for having a significant cyber event if, in fact, it happened because you weren’t doing the basics,” she said.
Leonard Bailey, special adviser for national security at the Justice Department, also said at the summit that names of victims may be hidden in press releases or court filings by prosecutors.
Stapleton also assured the companies that the FBI will not use its access to the companies’ servers to search for evidence of other crimes, even if they are related to the hack. Instead, the FBI will focus on identifying the hackers behind the cyberattack to “determine whether a federal crime has been committed or if there is an ongoing national security threat.”
Govt. Agencies warn of IT flaws in infrastructure
CISA and other federal agencies have also warned the private sector that hacking groups target infrastructure systemssuch as the country’s energy and manufacturing sectors, and that there are flaws there.
The calls for partnership follow the adoption in March of the Cyber Incident Reporting for Critical Infrastructure Act. The law, which has yet to come into effect, will require critical infrastructure operators to report “substantial” incidents to CISA within 72 hours and alert the agency within 24 hours of paying a Ransomware.
If you have been affected by a data breach, you may be eligible for join or file a class action lawsuit. Lawyers are currently investigating recent nationwide data breaches and the impact they have had on Americans (links to lawyers’ paid content).
Learn more about class actions and class action settlements:
Please note: Top Class Actions is not a settlement administrator or law firm. Top Class Actions is a source of legal information that reports on class action lawsuits, class action settlements, drug-related injury lawsuits, and product liability lawsuits. Top Class Actions does not handle claims and we cannot advise you on the status of a class action settlement claim. You should contact the Settlement Administrator or your attorney for any updates regarding the status of your claim, the Claim Form, or questions about when payments should be mailed.