Will the movement to ban ransom payments gain steam in 2024?

January 23, 2024 – Published on Cybersecurity Dive

Debates around how to curtail ransomware activity are getting louder and shifting.

There’s little agreement among cybersecurity experts and officials on the best way to impede ransomware, but federal policy is often viewed as an important, albeit slow-moving, mechanism to stem the flow of attacks.

As debates and policy discussions gain momentum, there is ample evidence that the status quo isn’t working. Ransomware victims in the U.S. paid $1.5 billion in ransoms between May 2022 and June 2023, a senior administration official said in November.

The Biden administration decided against an outright ban on ransom payments in September 2022, but White House officials revived the potential policy change in mid-2023 through the International Counter Ransomware Initiative.

The problem isn’t going away, and ransom payments are a well-established norm across businesses of all types. 

Business considerations such as operational disruptions and lost revenue are critical factors organizations weigh when they’re confronted with a ransom demand.

“There are certain circumstances where businesses just can’t recover without a particular decryption key and things of that nature,” said Drew Schmitt, practice lead at GuidePoint Security’s research and intelligence team.

Schmitt deals with the technical ramifications of ransomware and sometimes helps clients negotiate ransom payments because alternatives are limited or potentially more damaging for the victim organization.

This hedging response to a ransom payment ban underscores a common view among incident responders and other cybersecurity experts.

Policies and regulations around ransomware are widely expected to change in 2024 and beyond, but how and to what effect remains unclear.

“One of the biggest challenges is going to be designing policy in a way that does allow for certain types of organizations to have flexibility to make sure that they can recover, while also simultaneously impacting the ransomware groups to where it doesn’t make financial sense anymore,” Schmitt said.
