What’s the USA doing to cease or sluggish ransomware?
We’re not attempting very arduous. The US is probably the most focused nation by cybercriminals and nation states, however we’re not performing prefer it. We’re largely outlining tips for corporations and authorities businesses to forestall ransomware assaults and hoping for the most effective. It’s not working.
What ought to be completed as an alternative?
There isn’t any silver bullet, however there are some steps that would assist. The U.S. authorities may designate ransomware as a nationwide safety menace on par with terrorism, which might funnel extra intelligence assets to fight it. Nations which might be protected havens for ransomware gangs similar to Russia could possibly be topic to sanctions or restrictions on journey to the USA. That will strain international locations to go after ransomware criminals inside their borders.
We may additionally require that corporations and authorities businesses which might be hit by ransomware assaults disclose them publicly. The Treasury Division may think about prohibiting victims from paying ransoms. Most ransomware gangs demand cost in Bitcoin, and it may assist hint criminals if banking business “Know Thy Buyer” guidelines and anti-money-laundering legal guidelines have been enforced with cryptocurrency exchanges.
And we want a 911-type hotline for ransomware victims. Organizations usually don’t know who to name when they’re focused.
What can organizations which might be focused by ransomware assaults do to forestall them?
If corporations, authorities businesses and organizations required all staff and others who entry their pc networks to make use of robust passwords, password managers and multi-step authentication, it could go an extended solution to forestall cyberattacks.
It might additionally assist if organizations have been required to have copies of their digital data and to again them up often. Victims wouldn’t be within the place to should pay to get better their very own knowledge. The federal government may additionally create tax credit or different monetary incentives for corporations and authorities businesses to take these steps.
I don’t wish to blame victims, however why aren’t corporations and public businesses taking these safety measures already?