DATAINSIDER

Digital Guardian's Blog

New Ransomware Bill Would Require Organizations Report Ransom Costs

by Chris Brook on Wednesday October 6, 2021


A bill introduced this week would require companies to disclose ransomware attacks and how much they cost victims within 48 hours.

It's not the first and definitely won't be the last: yet another bill designed to help rein in ransomware was introduced in Congress this week.

This one, The Ransom Disclosure Act, introduced by Democrats Sen. Elizabeth Warren and Rep. Deborah Ross, would require a ransomware victim to disclose, within 48 hours of being breached, what type of cryptocurrency it was asked to pay with.

The goal of the bill is mostly research; by reporting what type of cryptocurrency is being demanded of them and how much, the politicians hope to learn more about the illicit cryptocurrency ecosystem and ongoing ransomware epidemic.

“Ransomware attacks are skyrocketing, yet we lack critical data to go after cybercriminals,” Senator Warren said in a statement on Tuesday. “My bill with Congresswoman Ross would set disclosure requirements when ransoms are paid and allow us to learn how much money cybercriminals are siphoning from American entities to finance criminal enterprises -- and help us go after them.”

Under the Ransom Disclosure Act, organizations hit by ransomware would have to supply the Department of Homeland Security with the sum asked, the sum paid, and what type of cryptocurrency the attackers demanded.

After the Act goes into effect, the Department of Homeland Security would publish a website dissecting the aforementioned information, including a total dollar figure for the amount of ransom paid by organizations. Obviously, any information that could reveal the identity of the victim would be omitted from the report.

It's the second bill focused on ransomware to be introduced in the last week.

Last Tuesday, Homeland Security and Governmental Affairs Chairman Gary Peters (D-Mich.) and ranking member Sen. Rob Portman (R-Ohio) introduced a bill, The Cyber Incident Reporting Act, that would require critical infrastructure companies to report cyberattacks in which a ransomware payment is made to the federal government - the Cybersecurity and Infrastructure Security Agency in particular - within 72 hours.

The bill builds on previous legislation introduced by U.S. Representatives John Katko (R-NY), House Homeland Security Committee Ranking Member, and Yvette Clarke (D-NY).

That timeline fits with a recent request made by two groups, one comprised of banking groups, and another by tech companies like Google, Amazon, and Oracle, for a 72-hour window for reporting data breaches. It runs counter to the Cyber Incident Notification Act of 2021, legislation that pitched a 24-hour window earlier this summer.

Ever since this year's ransomware attacks on gas company Colonial Pipeline and meat producer JBS, the Biden administration has been pushing hard to combat ransomware attacks. Last week the White House announced it had plans to meet with 30 other countries to discuss the looming threat; it also last month sanctioned a cryptocurrency exchange for its role in facilitating cybercrime.

Tags: Ransomware


Chris Brook

Chris Brook is the editor of Data Insider. He is a technology journalist with a decade of experience writing about information security, hackers, and privacy. Chris has attended many infosec conferences and has interviewed hackers and security researchers. Prior to joining Digital Guardian he helped launch Threatpost, an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.