Snynet Solution Logo
MON - SUN: 10 AM - 6 PM
+60 11 5624 8319

Blog

New ransomware law would force victims to admit to ransom payouts

Image Description

A new law has been proposed in the United States that would place new obligations on the shoulders of ransomware victims.

Submitted by Senator Elizabeth Warren and Congresswoman Deborah Ross, the Ransomware Disclosure Act would require businesses to disclose any ransom payments within 48 hours of the transaction.

If the proposal is turned into law, all ransomware victims “engaged in interstate commerce” will have to provide the Department of Homeland Security (DHS) with the ransom payment sum, the currency and any information they might know about the attackers.

The act does not require all ransomware victims to engage with the DHS, however, only those who choose to concede to demands.

The ransomware dilemma

The main dilemma for every ransomware victim is to pay or not to pay. Often, the fastest way to recover from a ransomware attack is to give in to demands, but there is no guarantee systems will be restored and data returned as promised, and paying ransom fees only incentivizes further attacks.

One the other hand, businesses that choose not to engage with criminals face significant losses as a result of downtime, as well as reputational damage if the attacker loses patience and publishes their data online.

According to Senator Warren, the Ransomware Disclosure Act is designed to give the DHS the intelligence it needs to unpick this catch-22 and disrupt the economics of ransomware.

“Ransomware attacks are skyrocketing, yet we lack critical data to go after cybercriminals. [The bill] would set disclosure requirements when ransoms are paid and allow us to learn how much money cybercriminals are siphoning from American entities to finance criminal enterprises - and help us go after them,” said Warren.

Congresswoman Ross also expressed concerns about the scale and severity of the ransomware threat, and emphasized the importance of collaboration between private enterprise and the government in tackling the issue.

“Unfortunately, because victims are not required to report attacks or payments to federal authorities, we lack the critical data necessary to understand these cybercriminal enterprises and counter these intrusions. The data this legislation provides will ensure both the federal government and private sector are equipped to combat the threats that cybercriminals pose to our nation,” she said.

Via ZDNet

Date

07 Oct 2021

Sources


Share


Other Blog

  • Working Spectre exploits for Windows and Linux devices uncovered

    Exploits can be used on unpatched installations to reveal user passwords.

    Read More
  • Intel 11th-generation processors launch window may have just leaked from MSI

    Intel 11th-gen Rocket Lake-S processors may be coming in March 2021, according to an MSI forum comment.

    Read More
  • Samsung Galaxy Tab S7 and S7 Plus launch in India

    The flagship Samsung Galaxy Tab S7 and Tab S7 Plus are now available in India to take on the Apple iPad Pro.

    Read More
  • Intel claims it’s not scared of Nvidia’s new Grace processor

    Intel CEO Pat Gelsinger has responded to Nvidia’s announcement of its Grace ARM CPU, insisting his company remains the market leader.

    Read More

Find Out More About Us

Want to hire best people for your project? Look no further you came to the right place!

Contact Us