As cybercriminals continue to profit from their malicious acts, the discussion surrounding a federal ban on ransom payments is gaining traction.
Despite repeated warnings from U.S. officials against paying ransom demands, some states like North Carolina and Florida have taken action by outlawing ransom payments for local government entities. However, the Biden administration has yet to implement a nationwide ban on ransom payments, citing the difficulties of enforcement and potential consequences for victims.
But despite these challenges, there are signs that the U.S. government’s perspective may be shifting.
Just last October, a group of over 40 countries, led by the U.S., made a vow as governments to not pay ransoms in an effort to cut off income streams for cybercriminals.
Interestingly, as discussion of a potential ransom payment ban grows stronger, so does the prevalence of ransomware attacks. The past year has seen hackers launching high-profile attacks, such as exploiting vulnerabilities in remote access tools and targeting healthcare providers.
So the question remains, is a ban on ransom payments the solution?
The Complexity of a Ban
On the surface, a ransom payment ban may seem like a straightforward solution. If victims are forbidden from paying, then attackers won’t have a financial incentive to continue their malicious acts. In theory, this would result in a decline in ransomware attacks.
However, there is another side to this argument. Many believe that a ban on ransom payments oversimplifies a complex issue.
Ransomware is a global problem, making it difficult to enforce a universal regulation on payments. This would require cooperation and standardization among international governments, which is currently not a feasible solution. It would also rely on countries that harbor cybercriminals, such as Russia, cracking down on this illegal activity within their own borders – which they have little motivation to do so.
Moreover, exceptions would likely need to be made in certain circumstances, such as for attacks on critical infrastructure or medical facilities where lives may be at risk. This creates a gray area that could potentially be exploited by hackers, and could even result in attacks on the nation’s infrastructure.
Additionally, a ban on ransom payments may discourage companies from reporting attacks, undoing the progress made in cooperation between victims and law enforcement.
Effectiveness of a Ban
Another argument against a ransom payment ban is its effectiveness. History has shown that cybercriminals do not abide by rules or regulations. Even if a victim chooses to pay the ransom, there is no guarantee that their data will be safely returned. As seen in the lawful takedown of the LockBit ransomware gang, attackers may not fulfill their end of the bargain even when a ransom is paid.
Moreover, a ban on payments may not actually deter attackers. Instead, it may drive them further underground and force them to change their tactics to become more covert.
Allan Liska, a ransomware expert and threat intelligence analyst at Recorded Future, argues that while ransom payments do harm society, banning them will not stop attackers from launching attacks.
“Are ransom payments bad? Yes, there is no net good to society that comes from paying ransomware groups, in fact, there is a direct net harm to society by paying these threat actors,” Liska states. “Will banning ransom payments stop ransomware groups from carrying out attacks? The answer to that is unequivocally no.”
For further discussion on cybersecurity and ransomware attacks, read more on TechCrunch.
