Ransom Disclosure Act Necessitates Reporting of Payments to Ransomware Groups In 48 Hours

New legislation was launched that necessitates ransomware attack victims to make known any payments given to the threat actors to the Department of Homeland Security (DHS) within 48 hours after making the ransom payment.

Sen. Elizabeth Warren (D-Mass.) and Rep. Deborah Ross (D-N.C.) brought in the Ransom Disclosure Act. The bill seeks to offer the DHS the facts it requires to check ransomware attacks and increase comprehension of how cybercriminal groups run their business, hence letting the DHS get a good overview of the ransomware threat confronting the United States.

Between 2019 and 2020, ransomware attacks grew by 62% across the world, and by 158% in the U.S.A. The Federal Bureau of Investigation (FBI) got 2,500 complaints concerning ransomware attacks in 2020, 20% higher in comparison to the past year and $29 million more reported losses due to ransomware attacks in 2020. Not every ransomware attack is documented. Numerous victims opt to privately pay the threat actors to obtain the keys to decrypt their information and stop the public disclosure of any stolen information during the attack.

Chainalysis is convinced ransomware groups around the world received more or less $350 million in cryptocurrency in 2020, which grew by 311%. Attacks kept on increasing in 2021. Based on Check Point’s mid-year security report, the first 6 months of 2021 had 93% higher ransomware attacks compared to the matching period of time the previous year.

Like the ransomware attack on Colonial Pipeline has proven, the groups responsible for these attacks create a major national security risk. That attack contributed to the shutdown of a serious fuel pipeline for approximately one week. The attack on JPS Foods affected food manufacturing, and a large number of attacks on the healthcare market have impacted the capacity of healthcare companies to give proper care to patients. This year, CISA mentioned ransomware attacks hamper care and have an effect on patient results, and there was a loss of life in the U.S.A. which is supposed to have been caused by a ransomware attack.

Ransomware attacks keep on increasing given that they are lucrative and grant ransomware gangs and their affiliates an excellent revenue. There is additionally little chance of being found and brought to the law. Sadly, investigations of ransomware groups could be affected by a deficiency of data, consequently the launch of the Ransom Disclosure Act.

Though the FBI urges the ransomware attacks reporting to aid investigations, it isn’t compulsory. Sad to say, considering that victims aren’t expected to report attacks or ransom payments to government authorities, the crucial information needed to fully grasp these cybercriminal businesses are lacking to stop these attacks, explained Congresswoman Ross. This law will put in place critical reporting requirements, such as the amount of ransom asked by the attackers and paid, and which currency is used. The U.S. is unable to continue to combat ransomware attacks without being aware of this information.

The Ransom Disclosure Act will call for:

  • Ransomware victims (except persons) to reveal any ransom payments in 48 hours after giving the payment, together with the amount, currency employed, and any details that were obtained on the entity requiring the ransom.
  • The DHS will be expected to publish data exposed during the past year regarding the ransoms paid, not including identifying details related to the entities who made payments.
  • The DHS will need to build a website for people to voluntarily submit a report of the ransom payments.
  • The Secretary of Homeland Security will have to do an analysis on commonalities between ransomware attacks and the scope to which cryptocurrency was involved in the attacks, and give suggestions for securing data systems and fortifying cybersecurity.