New US bill requires ransomware victims to report payments within two days

A bill drafted by the US Senate and House of Representatives would require victims of ransomware attacks in the US to report any payments to hackers within 48 hours.

According to Bleeping Computer, the Ransom Disclosure Act would aim to strengthen the Department of Homeland Security’s (DHS) understanding of how cybercriminal gangs operate.

Senator Elizabeth Warren – who co-drafted the bill – underlined that as ransomware attacks are on the rise, getting to learn more about how money circulates in the underground may help the authorities develop and implement more effective disruption and prevention strategies.

The Ransom Disclosure Act will require ransomware victims to detail information about ransom payments including the amount of ransom demanded and paid, type of currency used for ransom payment, and any known information about the entity demanding the ransom.

The Act would require DHS to make the information disclosed during the previous year public, excluding any information that identifies the entities that paid ransoms. Also, the DHS would be required to establish a website through which individuals can voluntarily report payment of ransoms.

The Secretary of the DHS would also be directed to conduct a study on commonalities among ransomware attacks and the extent to which cryptocurrency facilitated such attacks and also provide recommendations for protecting information systems and strengthening cybersecurity.

Before the Ransom Disclosure Act can become law, the bill will have to pass through the Senate and the House of Representatives and then finally be signed by President Joe Biden.

Copyright © 2021 FinTech Global

Enjoying the stories?

Subscribe to our daily FinTech newsletter and get the latest industry news & research


The following investor(s) were tagged in this article.