Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · STATUTE-COMPILATIONS · National Defense Authorization Act for Fiscal Year 2022 · Sec. 1510

Sec. 1510. ASSESSING CAPABILITIES TO COUNTER ADVERSARY USE OF RANSOMWARE, CAPABILITIES, AND INFRASTRUCTURE

591 words·~3 min read·/statute-compilations/comps-16861/sec-1510

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

## SEC. 1510 ASSESSING CAPABILITIES TO COUNTER ADVERSARY USE OF RANSOMWARE, CAPABILITIES, AND INFRASTRUCTURE ###
(a)Comprehensive Assessment and Recommendations Required Not later than 180 days after the date of enactment of this section, the Secretary of Defense shall— ####
(1)conduct a comprehensive assessment of the policy, capacity, and capabilities of the Department of Defense to diminish and defend the United States from the threat of ransomware attacks, including— #####
(A)an assessment of the current and potential threats and risks to national and economic security posed by— ######
(i)large-scale and sophisticated criminal cyber enterprises that provide large-scale and sophisticated cyber attack capabilities and infrastructure used to conduct ransomware attacks; and ######
(ii)organizations that conduct or could conduct ransomware attacks or other attacks that use the capabilities and infrastructure described in clause
(i)on a large scale against important assets and systems in the United States, including critical infrastructure; #####
(B)an assessment of— ######
(i)the threat posed to the Department of Defense Information Network and the United States by the large-scale and sophisticated criminal cyber enterprises, capabilities, and infrastructure described in subparagraph (A); and ######
(ii)the current and potential role of United States Cyber Command in addressing the threat referred to in clause
(i)including— ######
(I)the threshold at which United States Cyber Command should respond to such a threat; and ######
(II)the capacity for United States Cyber Command to respond to such a threat without harmful effects on other United States Cyber Command missions; #####
(C)an identification of the current and potential Department efforts, processes, and capabilities to deter and counter the threat referred to in subparagraph (B)(i), including through offensive cyber effects operations; #####
(D)an assessment of the application of the defend forward and persistent engagement operational concepts and capabilities of the Department to deter and counter the threat of ransomware attacks against the United States; #####
(E)a description of the efforts of the Department in interagency processes, and joint collaboration with allies and partners of the United States, to address the growing threat from large-scale and sophisticated criminal cyber enterprises that conduct ransomware attacks and could conduct attacks with other objectives; #####
(F)a determination of the extent to which the governments of countries in which large-scale and sophisticated criminal cyber enterprises are principally located are tolerating the activities of such enterprises, have interactions with such enterprises, could direct their operations, and could suppress such enterprises; #####
(G)an assessment as to whether the large-scale and sophisticated criminal cyber enterprises described in subparagraph
(F)are perfecting and practicing attack techniques and capabilities at scale that can be co-opted and placed in the service of the country in which such enterprises are principally located; and #####
(H)identification of such legislative or administrative action as may be necessary to more effectively counter the threat of ransomware attacks; and ####
(2)develop recommendations for the Department to build capabilities to develop and execute innovative methods to deter and counter the threat of ransomware attacks prior to and in response to the launching of such attacks. ###
(b)Briefing Not later than 210 days after the date of the enactment of this Act, the Secretary of Defense shall brief the congressional defense committees on the comprehensive assessment completed under paragraph
(1)of subsection
(a)and the recommendations developed under paragraph
(2)of such subsection. ###
(c)Definition In this section, the term “critical infrastructure” has the meaning given such term in section 1016(e) of Public Law 107-56 (42 U.S.C. 5195c(e)).
Connectionstraces to 1
Traces to 1 document
1 reference not yet in our index
  • Pub. L. 107-56
Citation graph
cites case law
Sec. 1510
ASSESSING CAPABILITIES TO COUNTER ADVERSARY USE OF RANSOMWARE, CAPABILITIES, AND INFRASTRUCTURE
U.S.C.§ 5195c
Pub. L.Pub. L. 107-56
Cites 2Cited by 0 across 0 sources
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.