Monday, December 6

Payments to hackers for ransomware may not exceed $ 100,000 if the bill advances

US Congressman Patrick McHenry, from North Carolina, introduced the draft Ransomware and Financial Stability Act last Wednesday, November 10, before the House of Representatives. The project introduced by McHenry aims to discourage ransomware attacks and establishes a series of rules for attacked financial institutions.

Ransomware attacks consist of the encryption or encryption of programs and data of an organization, carried out maliciously remotely. This greatly paralyzes the operations of the affected computers. The attackers ask for a ransom, usually in bitcoin (BTC) or other cryptocurrencies, to reconvert the encrypted data to its initial state.

a Press release McHenry’s office notes that “this law will protect the critical financial infrastructure that makes daily economic activity possible.”

Ransomware payments in the US have totaled more than $ 1 billion since 2020. Most notably, last May, a Russian ransomware attack forced Colonial Pipeline to shut down oil supplies to the eastern United States before of the company paying the hackers. Disruptive as this attack was, it pales in comparison to what would happen if America’s critical financial infrastructure were shut down.

Patrick McHenry, Representative from North Carolina, USA.

The ransomware attack on the Colonial Pipeline oil pipeline company, which occurred on May 7 and reported by CriptoNoticias, discontinued supply of refined gasoline for aircraft off the southeastern coast of the United States.

The draft provides financial infrastructure institutions with a roadmap in the event that they are attacked by ransomware. Affected entities are first required to notify the Treasury Department before making a ransomware payment.

A law that seeks to discourage hackers

The law would discourage hackers by prohibiting very high ransom payments. Specifically prohibits payments over $ 100,000unless the authorities provide a Ransomware Payment Authorization for a higher amount, or the US President issues a “national interest” waiver of this provision.

The law provides legal clarity when responding to attacks, McHenry says in his announcement of the project.

Ensures confidentiality of information when covered institutions notify authorities about a ransomware attack. Provides clarity to financial institutions, including ransomware payment processors, by creating a safe harbor when evaluating a cybersecurity attack, or complying with a Ransomware Payment Authorization.

Patrick McHenry, Representative from North Carolina, USA.

The United States government is taking a closer look at ransomware attacks, according to an article by CriptoNoticias in early July, which reported several incidents related to this type of malicious software or malware. Specifically, it is noted that the US president himself said in a public appearance that he had ordered federal forces to intervene in notorious cases of such attacks.

Leave a Reply

Your email address will not be published. Required fields are marked *