Senator Elizabeth Warren and Congresswoman Deborah Ross, both from the US Democratic Party, are proposing a law in which companies victims ransomware in the country are required to report ransom payments made. The bill, entitled Rescue Disclosure Law, aims to provide a more complete picture of the threats from this type of attack, reinforcing the understanding of how cybercriminals operate.
The information will provide the US Department of Homeland Security (DHS) with critical data about ransomware payments. “Unfortunately, as victims are not required to report attacks or payments to authorities federal, we don't have the critical data needed to understand this cybercriminal practice and fight these intrusions,” says Ross.
what the law requires
The law requires ransomware victims to report ransom payments within 48 hours after they are made. This is information such as the amount of redemption required and paid, as well as the type of currency used for payment.
The project also requires that the DHS make public information disclosed during the previous year, excluding identifying information about entities that paid ransoms. DHS shall establish a website through which individuals can voluntarily report the payment they have made.
Under the law, the US Secretary of Homeland Security will be instructed to conduct a study of the similarities between ransomware attacks and the extent to which cryptocurrency facilitated these attacks. In addition, recommendations for securing information systems and strengthening cybersecurity should be provided.
A growing threat
It cybercrime mode (basically, the hijacking of sensitive data with return for reward) is seen as a significant threat to the national security of the US and countless other countries around the world. Ransomware attacks impact critical infrastructure from military installations to medical centers.
Cybercriminals break into databases and encrypt crucial files from companies to governments, keeping the data hijacked until they receive a ransom amount. Because of the difficult tracking, cryptocurrencies such as Bitcoin, have been hackers' preferred payment method.
- CVC Tour Company Falls Victim of Ransomware Attack and Shares Fall
- A third of global companies have already been victims of ransomware, study says
- Protege is the newest victim of ransomware attack in Brazil
Between 2019 and 2020, ransomware attacks increased 62% worldwide and 158% in North America. The pressure for more regulation in the US has increased since the attack on Colonial Pipeline Co. in May, which forced the closure of the country's largest fuel pipeline. The company paid US$4,4 million (approximately R$24 million) in ransom.
a similar attack occurred with JBS, the world's largest meat producer, being a victim. The company paid $11 million (BRL 60,45 million) in bitcoin to a group of hackers who temporarily shut down the company's factories in the United States, Canada and Australia.
Have you watched our new videos on YouTube? Subscribe to our channel.