Will Governments Ban Ransom Payments To Hackers?

Ransomware criminals are holding businesses and organisations hostage and demanding large payments with greater frequency and scale.  In order to restore the victims systems the prevalent criminal method  is for the hacker to demand to get paid in crypocurrency, which can’t be tracked by the victim or the police.

The financial damage from these cyber attacks range from £70k to £10m and now some US and UK technology experts are urging their governments to make paying ransom to criminal hackers illegal. 

The CEO of Colonial Pipeline has admitted his company paid hackers nearly $4.5m after their attack forced the firm to stop transporting fuel. Since last August, the hackers responsible for the US pipeline hack, DarkSide, have made at least $90m in ransom payments from about 47 victims, Bitcoin records show.

DarkSide is just one of more than a dozen prolific ransomware gangs making vast profits from holding companies, schools, governments and hospitals to ransom. 

Hacking groups work anonymously, so are hard to track down and they often operate in countries unwilling to arrest them. 
Ransomware attacks shut down a victims computer systems or data until a ransom is paid. Law-enforcement agencies around the world are increasingly urging victims not to pay. But paying ransoms is not illegal and many organisations pay in secret.

  • The Ransomware Task Force (RTF) a global coalition of cyber experts is lobbying governments to take action.  It has made nearly 50 recommendations to curb the crime spree, but it hasn’t agreed as to whether countries should ban ransom payments.
  • Britain's ex-GCHQ chief has urged the government to ban ransomware payments to stop criminals profiteering from attacks. Ciaran Martin, the founding chief executive of GCHQ's Cyber Security Centre (NCSC), now an eminent Professor at Oxford University's Blavatnik School, spoke following the Irish health service being  targeted with a ransom attack by criminals. 

Opponents say that a ban on ransom payouts would push criminals to go after even more essential targets, such as hospitals, forcing victims to choose between payment and widespread upheaval.

USA Today:       BBC:     Daily Mail:     Financial Times:     CyberWire:        

You Might Also Read: 

Pipeline Hack: Biden Issues An Executive Order

 

« New Zealand Health Service Is Under Attack
Apple Stores Customer Data In China »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

L-3 TRL Technology

L-3 TRL Technology

L3 TRL designs and delivers advanced electronic warfare and cyber security solutions for the protection of people, infrastructure and assets.

Nmap Project

Nmap Project

Nmap Project is a Free and open source tool for network discovery, administration, and security auditing.

Bryan Cave LLP

Bryan Cave LLP

Bryan Cave LLP is a global business and litigation law firm. Practice areas include Data Privacy and Security.

Arxan Technologies

Arxan Technologies

Arxan is a leader of application attack-prevention and self-protection products for Internet of Things (IoT), Mobile, Desktop, and other applications.

Adlink Technology

Adlink Technology

ADLINK is a leading provider of embedded computing products and services for applications including IoT and industrial automation.

CipherTrace

CipherTrace

CipherTrace develops cryptocurrency Anti-Money Laundering, cryptocurrency forensics, and blockchain threat intelligence solutions.

Ensurity Technologies

Ensurity Technologies

Ensurity is a deep-tech cybersecurity engineering company; designs and manufactures specialized secure hardware, software, and mobile application solutions.

R3

R3

R3 is an enterprise blockchain software firm working with a broad ecosystem of more than 300 participants across multiple industries to develop blockchain applications.

Gluu

Gluu

Modern Authentication for Digital Enterprise. Organizations around the world trust Gluu for large-scale, high-security identity & access management.

Militus

Militus

Militus provides the only information security service available that learns and analyzes your network over time using a custom-built network-based toolset.

Salvador Technologies

Salvador Technologies

Salvador Technologies provides the world’s fastest technology to recover from cyber-attacks.

Sevren

Sevren

Sevren is a Next Generation Application Security Management & Orchestration Platform.

Sentra

Sentra

Sentra is focused on improving data security practices within the cloud, mitigating the risks of damaging data leaks by providing comprehensive visibility into critical data assets.

Iconium Software

Iconium Software

DataLenz by Iconium offers continuous and real-time tracking of your data assets delivering you the tools you need to successfully reach and maintain your target security standards.

Trenton Systems

Trenton Systems

Trenton Systems are committed to providing high-performance computing solutions to customers running mission-critical applications in harsh settings worldwide and across various industries.

Clearnetwork

Clearnetwork

Clearnetwork specializes in managed cybersecurity solutions that enable both public and private organizations improve their security posture affordably.