Everything you need to know about 4:05 ransomware attacks
(CNN) -
The Transportation Security Administration (TSA) will impose new cybersecurity mandates on the rail and air sectors, including information requirements as part of a department effort to enforce compliance after High-profile cyberattacks in critical industries, United States Secretary of Homeland Security Alejandro Mayorkas announced Wednesday.
The Department of Homeland Security (DHS) will require a greater number of companies in critical transport sectors to comply with basic cybersecurity regulations, thus reducing the voluntary reporting of cybersecurity incidents.
As part of an upcoming "security directive," DHS will require higher risk rail and transit entities to report cyber incidents to the federal government, identify their cybersecurity officers, and develop a contingency plan. and recovery in case they are victims of cyberattacks.
First on CNN: Biden to convene 30 countries to combat ransomware threat
The directive will be published by the end of the year, Mayorkas said at the annual Billington cybersecurity summit, where he intervened virtually.
"Reducing cybersecurity risk is in the best interest of all organizations, especially considering the indiscriminate nature of
ransomware
," Mayorkas said.
The Biden administration launched several new initiatives on Wednesday as officials deployed at public events on Cybersecurity Awareness Month to promote new efforts and urge companies to better protect themselves and the American public, including an effort by the Department of Justice to impose fines on companies that do not meet certain standards.
Members of the rail industry immediately opposed the announcement, arguing that the safety directive would require railroads to take long-established actions.
advertising
The rail industry had only three business days to review and provide input on the draft safety directive, according to a spokesperson for the Association of American Railroads (AAR), an industry grouping of the rail freight industry, which added that railways have "consistently reported to federal law enforcement agencies on intelligence and cybersecurity incidents over several years."
"The AAR expects that the substantive comments provided will be fully considered in deciding whether to proceed with the directive and to ensure that any action taken enhances, and does not hamper, coordinated cybersecurity efforts," the spokesperson added in a statement.
Earlier this year, the TSA issued two security directives targeting critical oil and gas pipeline companies in the months after a
ransomware
attack
that caused the shutdown of one of the largest pipelines in the United States and created a shortage of gasoline and long lines at gas stations.
The US wants to shield pipelines against cyber attacks 1:02
Regarding the airline industry, the TSA will require critical U.S. airport operators, passenger aircraft operators, and cargo aircraft operators to designate cybersecurity coordinators and report cyber incidents to the Agency for Cybersecurity. Cybersecurity and Infrastructure Security before the end of the month.
The agency will gradually expand covered entities and consider additional measures over time, Mayorkas said.
"Together, these elements - a dedicated manager, cyber incident notification and contingency plans - represent the bare minimum of current cybersecurity best practices," Mayorkas added.
In addition to immediate measures, TSA is working on a longer-term rule-making process to "strengthen cybersecurity and resilience in the transportation sector," he said, which will include input from the sector.
Padraic O'Reilly, co-founder of CyberSaint Security, told CNN that for some industries "voluntary standards are not enough," noting that companies dedicate more resources to basic security and protection of their systems when required by the government. federal.
"Now we are in the middle of a maelstrom," he said of the cybersecurity threats facing critical industries and the need to protect them.
Also Wednesday, Deputy Attorney General Lisa Monaco announced that, for the first time, the Justice Department plans to impose substantial fines on government contractors or companies that receive federal funds when they fail to follow cybersecurity regulations, such as the requirement. to report
ransomware-
like attacks
.
Senators Introduce Cyber Bill to Require Reporting on Ransomware-like Attacks and Attacks on Critical Infrastructure
Under this new initiative, the Department of Justice will pursue contractors who knowingly provide substandard cybersecurity products or services, knowingly misrepresent their cybersecurity practices or protocols, or knowingly fail to comply with their obligations to monitor and report cybersecurity. cybersecurity incidents and violations.
"When those who are entrusted with government money, who are entrusted to work in sensitive government systems, do not follow the required cybersecurity regulations, we are going to pursue that behavior and impose very, very hefty fines," he said. Monaco.
- CNN's Jessica Schneider contributed to this report.
RansomwareTSA