January 3, 2024 at 03:37AM
Emsisoft advocates for a total ban on ransom payments following a surge in ransomware attacks on US organizations, costing nearly $1.5 million each on average to rectify. It pointed to record-breaking attacks in 2023, including those on hospitals, schools, and government bodies. The report also highlights concerns about the need for a comprehensive solution to the ransomware problem.
The meeting notes highlight the alarming increase in financially motivated ransomware attacks, particularly in the US, affecting a wide range of organizations including hospitals, schools, government entities, and private-sector businesses. Emsisoft, an information security firm, advocates for a complete ban on ransom payments as a solution to the growing problem. However, it is noted that opposing views exist, with concerns about the potential negative consequences and the difficulty of enforcing such a ban.
Additionally, the International Counter Ransomware Initiative has agreed to a policy statement against paying ransom demands, but it applies mainly to institutions under national government authority, leaving many victim organizations and private-sector companies still free to make payments.
Key stakeholders such as Megan Stifel, chief strategy officer for the Institute for Security and Technology, emphasize the need for a multifaceted approach to combating ransomware, including policy changes, support for resilience, and awareness campaigns. It is noted that implementing a ban on ransom payments is not a straightforward solution, as criminals are diversifying their tactics and enforcing uniform international standards around ransom payments presents significant challenges.
In summary, while the proposal for a ban on ransom payments has gained attention, there is recognition that it should be part of a broader strategy that includes various tools and measures to address the complex and evolving ransomware threat landscape.