Two U.S. congresswomen introduced a bill that would require ransomware victims to publicly disclose ransom payments to the federal government.

Introducing the ‘Ransom Disclosure Act’

In early October, Senator Elizabeth Warren (D-Mass.) and Representative Deborah Ross (D-N.C.) introduced a bill for the Ransom Disclosure Act.

Senator Warren said the bill has two main goals. First, it would help the U.S. government to learn how ransomware gangs work. Next, it would deepen their knowledge of the larger ransomware threat.

“Ransomware attacks are skyrocketing, yet we lack critical data to go after cyber criminals,” said Senator Warren. “My bill with Congresswoman Ross would set disclosure requirements when ransoms are paid and allow us to learn how much money cyber criminals are siphoning from American entities to finance criminal enterprises ⁠— and help us go after them.”

If passed, entities that paid a ransom must disclose the details to the government within 48 hours. Those specifics would include the date on which the victim received the ransom demand, the date on which they fulfilled it, the amount paid and in what currency.

If passed, the Department of Homeland Security will be responsible for removing identifying information from ransom payment reports. It would organize the reports submitted during the previous year and publish those records. It will also create a website where people can report ransom payments.

At that point, the DHS secretary will analyze those ransom payment records for common factors such as the extent to which threat actors relied on cryptocurrency to run their attacks. The DHS secretary will then make recommendations. They will do so with an eye to how the U.S. government can protect federal information systems and strengthen their level of security.

Next, the House and Senate will consider the bill.

Potential Drawbacks for Ransomware Victims

Bleeping Computer pointed out a potential drawback of the Ransom Disclosure Act, noting how “many believe that it would merely result in making ransomware attack repercussions more severe”. Harsher punishments could prolong victims’ business disruption and/or delay the return to business as usual, the computer self-help website went on to explain. Victims could suffer more punishment if they end up paying a ransom actor named by the Office of Foreign Assets Control (OFAC) at the U.S. Department of the Treasury.

Indeed, victims could incur sanctions from the federal government under strict liability. This means that the government can hold them liable for a ransomware payment. That would be the case even if they didn’t know that the attacker was sanctioned.

How to Prevent a Ransomware Attack

Regardless of whether the Ransom Disclosure Act becomes law, there are steps businesses can take today. It’s important that the federal government focuses on helping prevent a ransomware attack. The U.S. Cybersecurity & Infrastructure Security Agency (CISA) offered several suggestions in this regard. These include maintaining data backups and testing them on a regular basis, creating an incident response plan and testing their effectiveness in multiple types of scenarios. They can also use a vulnerability management plan to prioritize and remediate their systems’ known security weaknesses.

More from News

Hack-for-Hire Groups May Be the New Face of Cybercrime

Google’s Threat Analysis Group (TAG) recently released a report about growing hack-for-hire activity. In contrast to Malware-as-a-Service (MaaS), hack-for-hire firms conduct sophisticated, hands-on attacks. They target a wide range of users and exploit known security flaws when executing their campaigns. “We have seen hack-for-hire groups target human rights and political activists, journalists and other high-risk users around the world, putting their privacy, safety and security at risk,” Google TAG says. “They also conduct corporate espionage, handily obscuring their clients’ role.”…

More School Closings Coast-to-Coast Due to Ransomware

Instead of snow days, students now get cyber days off. Cyberattacks are affecting school districts of all sizes from coast-to-coast. Some schools even completely shut down due to the attacks. The federal government recently warned that K-12 schools face a growing threat from cyber groups. According to the FBI, school districts often have limited cybersecurity protections, which makes them even more vulnerable. The FBI also says it anticipates the number of threats to increase. In a recent warning, the nation’s…

Hackers are Increasingly Targeting Auto Dealers

Auto dealerships are increasingly concerned with cybersecurity in the face of new regulations and an alarming rise in cyberattacks. The Second Annual Global State of Cybersecurity Report by CDK Global found that 85% of dealerships say cybersecurity is very or extremely important relative to other operational areas. Additionally, 89% say cybersecurity is more important than last year, a 12% increase. Not surprisingly, only 37% of auto retailers are confident in the current protection, which is a 21% decrease from 2021.…

LastPass Breaches Cast Doubt on Password Manager Safety

In 2022, LastPass suffered a string of security breaches which sparked concern among cyber professionals and those impacted by the intrusions. Some called into question the way LastPass handled and responded to the incident. In addition, the situation ignited a wider conversation about the risks linked to utilizing password managers. A password manager helps users generate strong passwords and safeguards them within a digital locker. A master password secures all data, which enables users to conveniently access all their passwords…