OXFORD, United Kingdom - Jen Easterly, the director of the U.S. Cybersecurity and Infrastructure Security Agency, on Thursday poured cold water on suggestions the United States might bring in a ban on ransomware payments.
She was interviewed by Ciaran Martin, the former head of the U.K.'s National Cyber Security Centre, who had earlier this year called for a ban on all ransomware payments in a comment article in The Times newspaper.
There are already similar rules for designated critical infrastructure organizations in the United Kingdom under the NIS Regulations, although the government failed to introduce an update to these laws despite announcing that it would do so two years ago.
The regulations, which pre-date Brexit, are also used in Europe.
A planned consultation in Britain proposing a major overhaul of how the country responds to ransomware attacks - including by banning all payments from the critical infrastructure sector, and requiring all victims to report incidents and to seek a license before making any extortion payments - was scuppered by the snap election.
Easterly also praised her staff's pre-ransomware notification initiative, where the agency shares detections from threat researchers with businesses, for instance of precursor malware.
A similar program in Britain uses the intelligence agencies' unique access to information feeds unavailable to anyone else to detect the beginnings of ransomware attacks and tip off the target.
As Recorded Future News reported previously, in one three-month period this year, they detected an attack every 72 hours on average.
Polish Parliament strips official of immunity, clearing path for prosecution in spyware scandal.
TeamViewer says Russia's 'Cozy Bear' hackers attacked corporate IT system.
This Cyber News was published on therecord.media. Publication date: Fri, 28 Jun 2024 18:00:19 +0000