Ban ransomware payments, Emsisoft urges governments

Share post:

A major cybersecurity company is urging governments to forbid all organizations in their countries from paying ransomware gangs, arguing it would at least make crooks shift from hitting critical infrastructure providers such as hospitals, utilities and schools.

Emsisoft made the plea Monday in releasing final — and record — ransomware numbers for 2023 for the number of organizations hit.

Just over 2,200 U.S. hospitals, schools, and governments were directly impacted by ransomware, the company said, with many more being indirectly impacted via attacks on their supply chains. Additionally, thousands of private sector companies were either directly or indirectly impacted. The number of victim organizations is likely much higher; the numbers gleaned by Emsisoft are ones that can be confirmed. Many organizations — in every country around the world — don’t report successful cyber attacks.

“The only viable mechanism by which governments can quickly reduce ransomware volumes is to ban ransom payments,” Emsisoft argues. “Ransomware is a profit-driven enterprise. If it is made unprofitable, most attacks will quickly stop.”

“Were there to be a ban, we believe that bad actors would quickly pivot and move from high-impact encryption-based attacks to other less disruptive forms of cybercrime. It would really make no sense for them to expend time and effort attacking organizations which could not pay. Additionally, bad actors already do attack healthcare providers, local governments, and other custodians of critical infrastructure – relentlessly, day in, day out – and it’s far from certain that they would have either the incentive or the resources to attack them any more frequently.”

Related content: Canadian mid-sized firms paid an average $1.4 million in ransoms

A ban would not need to stop all payments, Emsisoft argues. It would simply need to stop enough to ensure that ransomware ceased to be profitable and, as most companies would abide by the law, this would likely be achieved.

In 2022, Emisisoft notes, both North Carolina and Florida banned public sector entities from paying demands. “As far as we are aware, no entity in either state has experienced catastrophic data loss as a result of the ban, and nor have any experienced unusually excessive downtime.”

We reached out to Canadian-based Emsisoft threat researcher Brett Callow with two questions about banning ransomware payments:

First, why would a ban on ransomware payments would stop a gang from attacking organizations? Wouldn’t gangs continue stealing and encrypting data, and then threatening to embarrass the organization into capitulating? “The aim wouldn’t be to stop all cybercrime,” Callow replied, “it’d be to stop disruptive encryption-based attacks. And, yes, a decrease in ransomware could well mean an increase in business email compromise and other forms of cybercrime. But those other forms don’t put people’s lives at risk.”

Second, if paying crooks is banned, isn’t there a risk organizations will ease off on cybersecurity. They would think, ‘Crooks know I won’t pay to get data back, so I won’t be a target any more.’ Callow replied that governments have many legal and regulatory tools to make organizations invest in cybersecurity. For example, he noted that recently New York’s Attorney General secured US$450,000 from U.S. Radiology Specialists, Inc. (US Radiology) for failing to protect its patients’ personal and healthcare data.

Last year, 48 countries, including Canada and the U.S., agreed their national governments shouldn’t give in to ransomware demands. The promise came at the end of the third annual meeting in Washington of the International Counter Ransomware Initiative (CRI).

“CRI members affirmed the importance of strong and aligned messaging discouraging paying ransomware demands and leading by example,” the group said in a statement.

The post Ban ransomware payments, Emsisoft urges governments first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

SUBSCRIBE NOW

Related articles

Casting a Hex and Deceptive Delight: Jailbreaking Techniques Targeting AI Models

OpenAI's GPT-4o language model can be tricked into generating exploit code by encoding malicious instructions in hexadecimal, according...

CRA Admits to Massive Underreporting of Cyberattacks

The Canada Revenue Agency (CRA) has acknowledged that tens of thousands of taxpayer accounts were hacked between March...

Apple Launches $1 Million Bug Bounty for Hacking Apple Intelligence Servers

Apple has announced a new bug bounty program offering up to $1 million to individuals who can successfully...

Over 6,000 WordPress Sites Hacked to Install Plugins Pushing Infostealers

More than 6,000 WordPress websites have been hacked to install malicious plugins that push information-stealing malware, according to...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways