The issue of whether or not to ban ransomware payments to criminal hackers has been a hot topic among cybersecurity professionals. Despite the increasing threat of ransomware attacks, Jen Easterly, Director of the Cybersecurity and Infrastructure Security Agency (CISA), recently stated that a ban on paying ransomware demands is unlikely in the United States.
This stance contrasts with views from other experts, such as Ciaran Martin, former head of the U.K.’s National Cyber Security Centre, who advocates for such a ban. Rather than focusing on banning payments, Easterly and the U.S. government emphasize improving incident reporting standards, bolstering law enforcement efforts, and promoting secure-by-design principles to reduce vulnerabilities in technology infrastructure.
Why It Matters: Ransomware attacks pose a significant threat to organizations of all sizes, often resulting in substantial financial losses and operational disruptions. The decision to ban or allow ransomware payments has far-reaching implications for businesses, cybersecurity practices, and overall digital safety. While a ban on paying ransom demands to cybercriminals seems to make sense on the surface, its implementation could have unintended negative consequences.
- Economic and Operational Impact on Businesses: Small and medium-sized businesses are particularly vulnerable to ransomware attacks. A ban on payments could lead to severe disruptions, forcing some businesses to shut down if they cannot afford prolonged downtimes.
- Risk of Secret Payments: If paying ransoms were criminalized, organizations might opt to pay in secret to avoid penalties. This lack of transparency could hinder accurate data collection on ransomware incidents and weaken threat intelligence efforts.
- Emergence of Fraudulent Recovery Services: Banning ransomware payments could spur the growth of fake “data recovery” services that secretly pay ransoms and charge victims exorbitant fees, exploiting the ban to their advantage.
- Legislative and Regulatory Responses: The Cyber Incident Reporting for Critical Infrastructure Act mandates reporting of ransomware attacks for critical infrastructure, aiming to create a comprehensive view of today’s cyber threats. Similar regulatory frameworks are being considered in the U.K. and Europe.
Go Deeper:
- CISA Director says Banning Ransomware Payments is Off the Table – Security Intelligence
- ‘I don’t see it happening’: CISA Chief Dismisses Ban on Ransomware Payments – The Record