Experts agree that a ban on ransom payments should decrease ransomware attacks, but concerns about implementing any ban are not trivial. Here are two ideas to consider.
Proposal 1: Increasing the Sanctions List
Expanding the sanctions list to include every ransomware group with a leak site might make threat actors less likely to threaten victims with exposure and data leaks. It would also make victims less likely to pay. Significantly, though, it would eliminate groups’ claims about their reputation and the free publicity they get from media reports based on leak sites.
Would LockBit and BlackCat even have the reputations they have if they had not been able to promote themselves as LockBit and BlackCat? Take away their ability to advertise themselves as a brand.
If a hypothetical group, “Your Trustworthy Criminals” (YTC), cannot sign a ransom note with their group name because their group name is on the sanctions list, and if victims cannot pay them because of the sanctions list and have no reason to trust any note from strangers, what will YTC do? They might try to extort clients or patients directly, but they won’t make much that way.
Proposal 2: Add Mandatory Criminal Charges
Add criminal charges of reckless indifference or attempted homicide to anyone involved in a conspiracy related to attacking a hospital or facility that provides life-saving care. Set minimum mandatory sentences to be served consecutively, not concurrently, with any other charges. Whatever the role — selling access, encrypting, exfiltrating data, negotiating payment, money laundering — any involvement in an attack on a hospital or urgent care facility is part of a conspiracy that shows reckless indifference to life and should be prosecuted as such. Law enforcement should loudly warn young hackers that involvement of any sort will result in mandatory prison terms over and above any sentencing for hacking.
Many of the criminals are not in the U.S. and may never be extradited here, but any affiliates in North America or countries that would extradite should think about whether they might want to stand trial here for attempted murder of hundreds of people.
What Do You Think?
If you agree with either or both of my ideas, please pass them along to those who can act on them because I don’t have a seat at the table for the cool kids or influencers.