Jump to content
  • As Hacker Attacks Rise, States Start to Consider Banning Ransom Payments

    aum

    • 340 views
    • 2 minutes
     Share


    • 340 views
    • 2 minutes

    Online attacks in which criminals seize control of victims’ data are rising, and government agencies are far from immune. That’s now leading states to consider laws prohibiting state agencies from paying ransoms to get the decryption key that would unlock what are often vital files.


    North Carolina in May and Florida in July put into effect laws that ban payment of ransoms in such cases, and more states are expected to follow suit with their own versions of such bans, Bankinfosecurity reports.


    In the case of North Carolina, the new law requires immediate reports of any ransomware attacks to state authorities. In addition to banning payments, it bars victimized state agencies from talking to the attackers. Florida’ law doesn’t bar such communication, according to the report. Pennsylvania’s senate in January passed a ban on state agencies paying ransom, and like bans are being debated in Arizona, New Jersey, New York, and Texas, the Bankinfosecurity report says, citing reporting by CPO Magazine.

     

    States are starting to consider such laws in response to a rising tide of ransomware attacks, many of which victimize private organizations but also target government agencies, including school districts.


    And such attacks have multiplied rapidly in recent years as online thieves shift tactics to exploit weaknesses in victims’ defenses, allowing the attackers to realize payoffs not from the outright sale of stolen data but from demanding ransom payments from the victims. The problem is global. Some 79% of cybersecurity professionals around the world reported in April that their organizations had been hit by a ransomware attack in the past 12 months.


    Meanwhile, the fraction of all data breaches that involve a ransom demand has ballooned from less than 1% of all breach incidents in 2016 to 21% last year, according to data from Risk Based Security Inc.


    With such attacks, online criminals encrypt data stored by victim companies or agencies and then demand payment to supply the decryption key. Once obtained, the key may or may not unlock the data. The average ransom payment across all businesses globally is about $170,000, according to the security firm Sophos.

     

    Source


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...