Will Governments Ban Ransom Payments To Hackers?

Uploaded on 2021-05-23 in TECHNOLOGY--Hackers, GOVERNMENT-National, FREE TO VIEW

Ransomware criminals are holding businesses and organisations hostage and demanding large payments with greater frequency and scale.  In order to restore the victims systems the prevalent criminal method  is for the hacker to demand to get paid in crypocurrency, which can’t be tracked by the victim or the police.

The financial damage from these cyber attacks range from £70k to £10m and now some US and UK technology experts are urging their governments to make paying ransom to criminal hackers illegal. 

The CEO of Colonial Pipeline has admitted his company paid hackers nearly $4.5m after their attack forced the firm to stop transporting fuel. Since last August, the hackers responsible for the US pipeline hack, DarkSide, have made at least $90m in ransom payments from about 47 victims, Bitcoin records show.

DarkSide is just one of more than a dozen prolific ransomware gangs making vast profits from holding companies, schools, governments and hospitals to ransom. 

Hacking groups work anonymously, so are hard to track down and they often operate in countries unwilling to arrest them. 
Ransomware attacks shut down a victims computer systems or data until a ransom is paid. Law-enforcement agencies around the world are increasingly urging victims not to pay. But paying ransoms is not illegal and many organisations pay in secret.

  • The Ransomware Task Force (RTF) a global coalition of cyber experts is lobbying governments to take action.  It has made nearly 50 recommendations to curb the crime spree, but it hasn’t agreed as to whether countries should ban ransom payments.
  • Britain's ex-GCHQ chief has urged the government to ban ransomware payments to stop criminals profiteering from attacks. Ciaran Martin, the founding chief executive of GCHQ's Cyber Security Centre (NCSC), now an eminent Professor at Oxford University's Blavatnik School, spoke following the Irish health service being  targeted with a ransom attack by criminals. 

Opponents say that a ban on ransom payouts would push criminals to go after even more essential targets, such as hospitals, forcing victims to choose between payment and widespread upheaval.

USA Today:       BBC:     Daily Mail:     Financial Times:     CyberWire:        

You Might Also Read: 

Pipeline Hack: Biden Issues An Executive Order

 

« New Zealand Health Service Under Attack
Apple Stores Customer Data In China »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

SecureAuth

SecureAuth

SecureAuth delivers cutting edge identity and information security solutions for cloud, mobile, web, and VPN systems.

Foundation for Strategic Research (FRS)

Foundation for Strategic Research (FRS)

The Foundation for Strategic Research is France's main independent think tank on strategic, defense and security issues. Cyber security is covered as part of the study areas.

Sepior

Sepior

Our vision is to make Sepior the leading provider of cloud-encryption software in the world.

Cybersecurity Tech Accord

Cybersecurity Tech Accord

The Cybersecurity Tech Accord promotes a safer online world by fostering collaboration among global technology companies.

Cynexlink

Cynexlink

Cynexlink offers Managed IT Services with Security, Network, Storage & Cloud solutions for all size of business.

WiSecure Technologies

WiSecure Technologies

WiSecure Technologies aims to develop cryptographic products meeting requirements in the new economic era.

Quantum Generation

Quantum Generation

Quantum Cyber Security for a new age of communications. We are developing the largest decentralized orbital, and ground quantum mesh network based on blockchain technology.

BLUECYFORCE

BLUECYFORCE

BLUECYFORCE is the leading professional training and cyber defense training organization in France.

Ribbon Communications

Ribbon Communications

Ribbon Communications delivers global communications software and network solutions to service providers, enterprises, and critical infrastructure sectors.

Tetra Tech

Tetra Tech

Tetra Tech is a cybersecurity leader with extensive experience in supporting enterprise-wide programs and systems across multiple business lines from industrial control systems to health IT.

Yoti

Yoti

Yoti offer a suite of business solutions that span identity verification, age estimation, e-signing and AI anti-spoofing technologies.

HORNE

HORNE

HORNE is a professional services firm supporting clients in public, private & government sectors nationwide.

Raman Power Technologies

Raman Power Technologies

Raman Power Technologies focus on bringing value and solving business challenges through the delivery of modern IT services and solutions including cybersecurity.

Synoptek

Synoptek

Synoptek is a global systems integrator and managed IT services provider (MSP). We offer comprehensive IT management and consultancy services to organizations worldwide.

Virtual IT Group (VITG)

Virtual IT Group (VITG)

VITG is a cyber security-focused Managed Service Provider (MSP).

KTrust

KTrust

KTrust provides Continuous Threat Exposure Management for Kubernetes environments.