Topics
Latest
AI
Amazon
Image Credits:Zf L / Getty Images
Apps
Biotech & Health
mood
Image Credits:Zf L / Getty Images
Cloud Computing
Commerce
Crypto
Enterprise
EVs
Fintech
fundraise
Gadgets
Gaming
Government & Policy
Hardware
Layoffs
Media & Entertainment
Meta
Microsoft
Privacy
Robotics
surety
societal
blank space
startup
TikTok
Department of Transportation
Venture
More from TechCrunch
effect
Startup Battlefield
StrictlyVC
Podcasts
Videos
Partner Content
TechCrunch Brand Studio
Crunchboard
reach Us
Starving hackers of their profits isn’t so simple
As cybercriminals preserve to reap the financial rewards of their attacks , talk of a Union ban on ransom payment is getting louder .
U.S. officials have long urge against paying ransom money demands . But while several U.S. state — include North Carolina and Florida — have made it illegal for local government entities to pay ransom demands , the Biden governing as recently as last fall adjudicate against an outright national ban on ransom money defrayment .
It ’s easy to see why . Not only would banning ransom payment be difficult to implement and require complex chemical mechanism not yet in place , but critic argue that illegalize payments to hacker ultimately penalize the victims of cybercrime who could at last face up legal repercussions for doing what they hold necessary to protect — or , in some cases , save — their business .
Although challenges persist , it appears the U.S. governance ’s mindset might be starting to budge .
In October 2023,a U.S.-led alliance of more than 40 countries vowed as government not to pay ransom money to cybercriminalsin a bidding to crave the cyberpunk from their source of income .
Since then , just as public lecture of a likely ransom requital ban has gotten louder , so has the ransomware activity .
In 2024 alone , we ’ve seen financially drive hackers brazenly mass - exploit defect invariousremoteaccess toolsto deploy ransomware;notorious ransomware groups ricochet back from government put-down ; and disruption at healthcare supplier across the U.S. aftera ransomware approach on prescription drug processing giant Change Healthcare .
Join us at TechCrunch Sessions: AI
Exhibit at TechCrunch Sessions: AI
Is a ban on ransom money defrayal the solution ? It ’s not that dewy-eyed .
To ban or not to ban?
On the face of it , a ransom payment ban makes logical gumption . If victim brass are prohibited from paying , attackers will have less of a financial incentive to steal their datum . In theory , this means those look for to get rich nimble will be force to go elsewhere — and that ransomware blast could become a matter of the past .
The other side is that many trust make ransom payment illegal is an over - simplistic solution to a complex problem .
Ransomware is a global trouble . For a ban on ransom money payment to be successful , international and cosmopolitan regulation would necessitate to be implemented — which , give varying international standards around ransom defrayal , would be almost impossible to enforce . It would also expect government activity that cede good haven to cybercriminals — Russia gets an obvious namecheck — to crack down within their own border , which they ’re not incentivized to do .
A cover ban on ransom payment would also likely necessitate elision in horrific circumstances , such as ransomware attacks involve the hazard of loss of life in aesculapian facilities or threats to national critical base .
These exception , while logical , would also apply to the hackers behind these attacks , which could lead to an assault on the res publica ’s critical substructure . And as long as cybercriminals continue to make money , ransomware and extortion threats wo n’t go aside .
Some also argue that if a ransom money payment Bachelor of Arts in Nursing were imposed in the U.S. or any other highly victimized country , companies would likely stop reporting these incidents to the authorities , effectively overrule all of the preceding cooperation between victims and jurisprudence enforcement .
Allan Liska , a ransomware expert and threat intelligence analyst at Recorded Future , tell TechCrunch that before a blanket forbiddance on payments to ransomware group — or a proscription with some exceptions — is enforced , we ask to make a concerted effort to well catalog the number of ransomware tone-beginning “ so we can make an informed decisiveness on the best whole step . ”
“ In the United States , we actually have two test pillowcase that prove this point , ” pronounce Liska . “ Both North Carolina and Florida have implement bans on public entities paying ransom money to ransomware mathematical group . In both showcase , looking at the information from a twelvemonth before the law croak into effect and the class after , there has been no evident change in the routine of publicly report ransomware attack against public organisation in those nation . ”
Would a ban even work?
There ’s also the issue of how effective a ransom defrayal proscription would be .
As history has prove , drudge have little regard for rules . Even when an organization does yield to an attacker ’s ransom requirement , the dupe ’s data point is not always delete — as demonstrated by the recent rule-governed takedown of the LockBit ransomware gang .
Given the brazen nature of these attackers , it ’s unlikely that they would be discourage by a forbidding on ransom requital . Rather , criminalizing requital would in all probability crusade it further underground and would in all likelihood encourage aggressor to change tactics , becoming more covert in their operations and transactions .
“ Are ransom money payment bad ? Yes , there is no net good to society that comes from ante up ransomware groups , in fact , there is a verbatim net damage to society by pay these menace worker , ” said Liska .
“ Will banish ransom money defrayal end ransomware groups from carry out attacks ? The answer to that is unequivocally no . ”
register more on TechCrunch :
Why are ransomware gangs create so much money ?
