In a new bid to gain visibility into the business of ransomware, two United States lawmakers are proposing a law that would compel businesses to disclose any ransomware payments within 48 hours of the transaction.
Sen. Elizabeth Warren and Rep. Deborah Ross drafted the “Ransomware Disclosure Act” to require organizations (not individuals) to provide the U.S. Department of Homeland Security information on ransomware payments, including the amount and type of cryptocurrency demanded and the sum that was paid.
The goal of the bill is to improve the U.S. government’s understanding of how cybercriminal organizations operate and help officials gain more visibility into the threats posed by ransomware. Traditionally ransoms are paid in bitcoin, but experts say that bad actors are moving towards cryptocurrencies such as Monero which make them even harder to trace.
The Ransom Disclosure Act would also require Homeland Security to set up a website for organizations to voluntarily report ransom payments and in turn, the website will share anonymized data disclosed during the previous year.
“We lack critical data to go after cybercriminals,” said Sen. Warren. “My bill with [Representative] Ross would set disclosure requirements when ransoms are paid and allow us to learn how much money cybercriminals are siphoning from American entities to finance criminal enterprises — and help us go after them.”
It’s not the only tactic the U.S. is trying to crack down on ransomware attacks. In September the Treasury Department issued sanctions against cryptocurrency exchange Suex for its role in facilitating ransom payments after finding that over 40% of its total transactions were associated with bad activity. The Treasury also recently warned U.S. companies that they are prohibited from paying threat actors based in countries subject to sanctions.
As ransomware attacks surge across the globe, CyberGRX is giving enterprises the ability to visualize associated attack methods and prioritize controls for remediation among their vendors. Ransomware Threat Profiles provide a contextual view of how third parties rate against each identified control and allows companies to filter by those controls that are missing and follow up with the third party to request remediation.
“In order to fight ransomware, companies need a methodology that combines a wide range of security safeguards with a modern approach to third-party cyber risk management,” said Fred Kneip, CEO of CyberGRX. “With over 130,000 participating companies in our Exchange platform, coupled with our partnerships with leading threat intelligence companies, CyberGRX is able to provide comprehensive data analytic capabilities that will empower customers to confidently identify major gaps by third parties and the necessary mitigation controls to halt new and sophisticated ransomware threats.”