Researchers Mixed on Sanctions for Ransomware Negotiators

2020-10-02 18:03

Ransomware negotiators may have to pay up in new ways if they intercede with cybercriminals on companies' behalf.

The U.S. Department of the Treasury said Thursday that companies that facilitate ransomware payments to cyber-actors on behalf of victims may face sanctions for encouraging crime and future ransomware payment demands.

"The converse is true. This advisory will propagate ransomware rather than reduce it for three key reasons. First, it disincentivizes reporting ransomware attacks, robbing law enforcement, security professionals, and analysts of data vital to combat future attacks. Second, it fails to provide an effective data recovery alternative. Third, it favors big corporations while crushing small- to medium-sized businesses beneath its heel."

He added, "Organizations that give into hackers' demands are only supporting the profitability and growth of ransomware activity. When it comes to ransomware attacks, prevention will always be better than a cure."

"Today's ransomware and extortion problem is unbearable. Many ransomware operators steal a large volume of sensitive data from organizations prior to deploying encryptors and locking organizations out of their systems and data. Threat actors may ask for money for a decryption tool, a promise to not publish the stolen data, and a walkthrough of how they broke into the network."

News URL

https://threatpost.com/mixed-sanctions-ransomware-negotiators/159795/

#ransomware #researcher