Will Governments Ban Ransom Payments To Hackers?

Ransomware criminals are holding businesses and organisations hostage and demanding large payments with greater frequency and scale.  In order to restore the victims systems the prevalent criminal method  is for the hacker to demand to get paid in crypocurrency, which can’t be tracked by the victim or the police.

The financial damage from these cyber attacks range from £70k to £10m and now some US and UK technology experts are urging their governments to make paying ransom to criminal hackers illegal. 

The CEO of Colonial Pipeline has admitted his company paid hackers nearly $4.5m after their attack forced the firm to stop transporting fuel. Since last August, the hackers responsible for the US pipeline hack, DarkSide, have made at least $90m in ransom payments from about 47 victims, Bitcoin records show.

DarkSide is just one of more than a dozen prolific ransomware gangs making vast profits from holding companies, schools, governments and hospitals to ransom. 

Hacking groups work anonymously, so are hard to track down and they often operate in countries unwilling to arrest them. 
Ransomware attacks shut down a victims computer systems or data until a ransom is paid. Law-enforcement agencies around the world are increasingly urging victims not to pay. But paying ransoms is not illegal and many organisations pay in secret.

  • The Ransomware Task Force (RTF) a global coalition of cyber experts is lobbying governments to take action.  It has made nearly 50 recommendations to curb the crime spree, but it hasn’t agreed as to whether countries should ban ransom payments.
  • Britain's ex-GCHQ chief has urged the government to ban ransomware payments to stop criminals profiteering from attacks. Ciaran Martin, the founding chief executive of GCHQ's Cyber Security Centre (NCSC), now an eminent Professor at Oxford University's Blavatnik School, spoke following the Irish health service being  targeted with a ransom attack by criminals. 

Opponents say that a ban on ransom payouts would push criminals to go after even more essential targets, such as hospitals, forcing victims to choose between payment and widespread upheaval.

USA Today:       BBC:     Daily Mail:     Financial Times:     CyberWire:        

You Might Also Read: 

Pipeline Hack: Biden Issues An Executive Order

 

« New Zealand Health Service Is Under Attack
Apple Stores Customer Data In China »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

DigiCert

DigiCert

DigiCert is the only provider of enterprise-grade SSL, IoT and PKI solutions. Our certificates are trusted everywhere, millions of times every day, by companies across the globe.

CloudHesive

CloudHesive

CloudHesive provides cloud solutions through consulting and managed services with a focus on security, reliability, availability and scalability.

Prewen

Prewen

Prewen provide solutions to protect sensitive data across the organisation.

Apomatix

Apomatix

Apomatix is a platform that simplifies the complexity of cyber risk audit and management.

Ordr

Ordr

Ordr Systems Control Engine. The first actionable AI-based systems control engine for the hyper-connected enterprise. You’re in control.

Threat Status

Threat Status

Threat Status are a Threat Intelligence company. We are the developers of Trillion. A cloud based Security As A Service (SaaS) platform.

Calypso AI

Calypso AI

Calypso AI build software products that solve complex AI risks for national security and highly-regulated industries.

NexGenT

NexGenT

NexGenT have combined military-style training with decades of network engineering and cyber security experience into an immersive program to get people into cyber security fast and effectively.

CISO Global

CISO Global

CISO Global (formerly Cerberus Sentinel) are on a mission to demystify and accelerate our clients’ journey to cyber resilience, empowering organizations to securely grow, operate, and innovate.

Secmation

Secmation

Secmation are an agile engineering services firm providing advanced DoD level security design and consultation services for both commercial and defense hardware and software applications.

MorganFranklin Consulting

MorganFranklin Consulting

MorganFranklin Consulting is a management advisory firm that works with businesses and government to address complex and transformational technology and business objectives including cybersecurity.

GajShield

GajShield

GajShield Infotech provides Data Security Firewall solutions to Corporate’s and Government agencies.

Splashtop

Splashtop

Splashtop’s cloud-based, secure, and easily managed remote access solution is increasingly replacing legacy approaches such as virtual private networks.

Capgemini

Capgemini

Capgemini is one of the world's foremost providers of consulting, technology and outsourcing services. Areas of expertise include Cybersecurity.

Rhymetec

Rhymetec

Rhymetec are an industry leader in cloud security, providing innovative cybersecurity and data privacy services to the modern-day SaaS business.

Worksent Technologies

Worksent Technologies

Worksent is a Trusted white-label offshore support partner for MSPs and MSSPs.