White House backs away from banning ransomware payments

Emphasises disrupting the gangs instead

The US government has decided against banning payments to ransomware gangs.

The decision came after discussions with representatives of private sector organisations and cyber security experts on Wednesday.

Following the attacks on fuel transport firm Colonial Pipeline and meatpacker JBS, which saw multimillion-dollar ransoms paid to cyber gangs in return for decryption keys, some US lawmakers had called for such payments to be banned.

Energy secretary Jennifer Granholm said in May: "We need to send this strong message that paying of ransomware only exacerbates and accelerates this problem. You are encouraging the bad actors when that happens."

However, most voices, including that of the FBI, cautioned against this approach.

"If we ban ransom payments now, you're putting US companies in a position to face yet another extortion, which is being blackmailed for paying the ransom and not sharing that with authorities," Bryan Vorndran, assistant director of the FBI's cyber division, told Congress in June.

Other cyber security experts noted that the most expensive part of an attack is repairing the damage rather than the ransom itself, and that without the option to resolve the matter quickly, some organisations could go under.

"Initially, I thought that was a good approach," said deputy national security advisor for cyber and emerging technology Anne Neuberger on Wednesday, as reported by Cyberscoop. "We know that ransom payments are driving this ecosystem."

She continued: "We heard loud and clear from many that the state of resilience is inadequate, and as such, if we banned ransom payments we would essentially drive even more of that activity underground and lose insight into it that will enable us to disrupt it."

As part of these efforts to disrupt ransomware gangs, the US government set up the Ransomware Task Force, an alliance of big tech firms and government agencies, which seeks to tackle ransomware groups by going after their financial operations and limiting their ability to get paid.

The US authorities hope that by making life difficult for attackers, the gangs will avoid hitting high-profile US targets, although that approach might leave smaller ones more vulnerable.

President Biden has also been in discussions with Russian president Putin about reining in ransomware gangs, many of which are thought to operate on Russian soil.

Some states, including New York, North Carolina and Pennsylvania, are separately considering their own legislation to ban state and local government agencies from paying a ransom to cyber criminals.