Ban on ransomware payments? The alternative isn't working | The Register

Emsisoft has called for a complete ban on ransom payments following another record-breaking year of digital extortion.
On average, these attacks cost targets about $1.5 million to rectify.
This included 46 American hospital systems, 108 K-12 school districts, 72 colleges and universities, and 95 government bodies.
For comparison: 2022 saw 25 attacks against hospitals, 45 against K-12 schools, 44 targeting post-secondary education, and 106 against government organizations.
The only reason that US government bodies saw a year-over-year decline is that the 2022 numbers included 55 local governments in Arkansas affected by a single intrusion into the agencies' shared IT services provider.
If it weren't for this one digital break-in, the number of 2023 incidents would have seen more than a 50 percent increase compared to 2022 ransomware infections.
There are also the high-profile private-sector entities that fell victim to extortionists last year - including Boeing, MGM Resorts, Caesars Entertainment, and Dish Network.
Now that it's mandatory for listed companies to disclose ransomware attacks, per the US Securities and Exchange Commission's rules that took effect at the end of last year, we'd expect the number of reported infections to increase in 2024.
We should also note that Emsisoft does not include the MOVEit attacks, during which ransomware gang Clop exploited a zero-day to steal a ton of data from more than 2,600 public- and private-sector victims via the popular file-transfer software, in its 2023 numbers.
This is because no data was encrypted and not every organization received a ransomware demand.
Still, this breach cost upwards of $15 billion in clean-up fees.
The only solution to this problem, according to Emsisoft, is to ban ransom payments completely.
According to Emsisoft threat analyst Brett Callow, opposition to a total ban on ransom payments is lessening.
In the fall, all 50 member countries of the International Counter Ransomware Initiative signed on to a policy statement under which they agreed not to pay ransom demands to cyber criminals.
This includes enacting policy changes that discourage vendors from releasing buggy software and providing grants for local governments and schools to boost their security.
Most insurance providers are already requiring policy holders to meet some basic IT security standards to qualify for coverage, and the US government could enact similar measures, according to Stifel and the task force.
Mandiant's Jeremy Kennelly, a senior analyst in the Google-owned threat intel firm's Financial Crime Analysis division, believes banning payments isn't as simple as it sounds.


This Cyber News was published on go.theregister.com. Publication date: Wed, 03 Jan 2024 09:13:04 +0000

