Ransomware victims in the US who pay a ransom to cybercriminals for the decryption key may be required to publicly reveal their payment within 48 hours of making it.
The Ransom Disclosure Act, introduced by Senator Elizabeth Warren and Representative Deborah Ross of the United States, would force organizations that are victims of ransomware attacks and pay the ransom to disclose the payment details.
The amount of the ransom sought and paid, the kind of currency used to pay the ransom, and any known information about the attackers requesting the ransom would all be required to be reported.
Within 48 hours of the payment being completed, the information would have to be provided to the Department of Homeland Security (DHS).
The bill’s objective is to provide DHS with more information on ransomware attacks. This way, it can better combat the threat they pose to companies and other organizations throughout the country.
Nowadays, ransomware attacks are on the rise, yet there isn’t vital information to pursue cybercriminals. The law would also mandate disclosure when ransoms are paid, uncovering how much money cybercriminals are siphoning from American companies to fund criminal operations.
Ransomware attacks become increasingly prevalent every year, posing a danger to national security, the economy, and vital infrastructure. Because victims aren’t compelled to disclose attacks or payments to federal authorities, there isn’t essential information required to understand cybercriminal operations and defend against them.
The information provided by this law will guarantee that both the federal government and the business sector are prepared to tackle the risks posed by cybercriminals to the country.
The Ransomware Disclosure Act is still only a proposal. Before President Biden can approve it to be a law, it must be passed by the House of Representatives and the Senate.