Over the past year, the U.S. government and several other nations have faced a crucial dilemma: Should they prohibit ransomware payments altogether while allowing exceptions in exceptional circumstances?
During a recent event hosted by the Ransomware Task Force, Anne Neuberger, White House Deputy National Security Adviser, revealed that banning ransomware payments has been extensively deliberated within the Counter Ransomware Initiative. This initiative has rapidly evolved since its inception in 2021.
International Counter Ransomware Initiative 2022 Joint Statement
Limelight on the issue
Neuberger highlighted the staggering number of over 6,500 ransomware attacks worldwide between 2020 and 2022, which has sparked challenging discussions on disrupting the ransomware ecosystem.
The driving force behind ransomware is fundamentally monetary. While individual entities may decide to pay the ransom, Neuberger emphasized that paying is wrong when the broader ransomware problem is considered. However, there are instances where the restoration of critical services, such as major hospitals or emergency services, becomes an imperative priority.
Neuberger stated, “When we contemplate the prohibition of ransom payments, we will accompany it with a waiver system, requiring notification or seeking permission from the U.S. government. It is a complex question, one that we have struggled with.”
Despite significant efforts made over the past two years, including takedowns and arrests, critical organizations continue to fall victim to ransomware attacks.
“Banning ransom payments could inadvertently create opportunities for further extortion by ransomware gangs,” said Bryan Vorndran, assistant director of the FBI’s cyber division.
In an interview with CNN, Transportation Security Administrator David Pekoske said paying ransom should be a “business decision and a security decision with guidance from the government.”
What is triggering?
On Wednesday, Dallas experienced a computer ransomware attack, resulting in the Police Department and City Hall websites going offline and some jury trials being called off. The emergency 911 system remained unaffected, but the computer-assisted dispatch system used by firefighters to attend emergency calls was disrupted, according to Dallas Fire-Rescue spokesperson Jason Evans.
This incident is a matter of concern because the ransomware attack took down essential services.
According to Neuberger: “But when we talk about countering cybercrime, we can build the kind of international cyber coalition to take on and drive that operationalization of working disruption together, ensuring that crypto entities or banks put in place know your customer entities.”
“We can truly build that unified international global cyber coalition which we all know is foundational to making cyberspace secure and safe for the world.”
Retrospectively…
The discussions surrounding the prohibition of ransomware payments while allowing for waivers in certain circumstances highlight the ongoing challenges governments and organizations face in combating the persistent ransomware threat.
Finding a balance between preserving critical services and collectively tackling the broader ransomware problem remains arduous.