New legislation was created that calls for ransomware attack victims to reveal any ransom payments made to the attackers to the Department of Homeland Security (DHS) in 48 hours after paying the ransom.
Sen. Elizabeth Warren (D-Mass.) and Rep. Deborah Ross (D-N.C.) introduced the Ransom Disclosure Act. The bill aims to give the DHS the information it needs to look into ransomware attacks and enhance information about how cybercriminal enterprises work, therefore permitting the DHS to obtain a better idea of the ransomware threat experienced by the United States.
From 2019 to 2020, ransomware attacks increased by 62% globally, and by 158% in America. The Federal Bureau of Investigation (FBI) had gotten 2,500 complaints concerning ransomware attacks in 2020, 20% higher compared to the earlier year and $29 million more reported losses because of ransomware attacks in 2020. Not all ransomware attacks are documented. A lot of victims decide to silently pay the hackers to get the keys to decrypt their files and avoid the public disclosure of any breached data in the attack.
Chainalysis thinks ransomware gangs globally got paid about $350 million in cryptocurrency in 2020, which is increased by 311%. Attacks have persisted to increase in 2021. As per Check Point’s mid-year security report, the first half of 2021 had 93% more ransomware attacks than the equivalent time period last year.
Just as the ransomware attack on Colonial Pipeline showed, the people behind these attacks present a considerable national security danger. That attack led to the closure of a big fuel pipeline for about a week. The attack on JPS Foods impacted food production, and the big number of attacks on the healthcare sector has affected the capability of healthcare providers to provide treatment to patients. This year, CISA stated ransomware attacks slow down care and impact patient outcomes, and there was a fatality in the U.S. which is claimed to have been because of a ransomware attack.
Ransomware attacks continue to go up considering that they are profitable and provide ransomware groups and their affiliates a very good profit. There is also little threat of being captured and brought to courts. Sadly, investigations of ransomware gangs may be hampered by insufficiency of information, therefore the intro of the Ransom Disclosure Act.
Although the FBI prompts the ransomware attacks reporting to help investigations, it is not obligatory. Sad to say, since victims are not mandated to report ransomware attacks or payments to federal authorities, the vital data required to understand these cybercriminal groups is lacking to deter these intrusions, stated Congresswoman Ross. This law will implement crucial reporting requirements, which include the amount of ransom demanded by the attackers and paid, and the type of currency employed. The U.S. can’t continue to battle ransomware attacks without knowing this information.
The Ransom Disclosure Act will necessitate:
- Ransomware victims (except individuals) to make known any ransom payments in 48 hours after making the payment, which includes the amount, currency utilized, and any details that were collected on the entity demanding the ransom.
- The DHS will need to publish data compromised during the prior year concerning the ransoms paid, excluding identifying data related to the entities who paid.
- The DHS will have to create a website for persons to voluntarily report payments of ransom.
- The Secretary of Homeland Security will be asked to perform research on commonalities among ransomware attacks and the magnitude to which cryptocurrency was needed the attacks, and give recommendations for safeguarding information systems and boosting cybersecurity.