Jacksonville, Florida – Jacksonville cybersecurity experts say banning the federal government from paying ransoms with taxpayer money could deter some cyberattacks, but that could come with its own set of consequences.
Cybercriminals are primarily motivated by money, sometimes extorting millions of dollars. Ransomware thieves claim this is a powerful business model.
“Business is going well and will continue to be good,” LockBit leader LockBitSupp said on a podcast.
That's why 40 countries in a U.S.-led alliance signed a pledge in 2023 to never pay ransoms to cybercriminals, with the aim of eliminating the hackers' funding mechanism.
The international pledge was never formalized into actual law, as the United States decided against a complete ban on ransom payments.
Each country took its own actions.
A New York state Senate bill provides that local or state taxpayer funds cannot be used to pay ransoms for ransomware attacks.
Pennsylvania and Texas have introduced similar laws.
Another bill in New York state would fine governments, businesses, and healthcare organizations $10,000 for making a ransomware payment.
Tyler Chancey of Scarlet Cybersecurity said a complete ban on extortion payments could have consequences and would not deter crime.
“It's possible that cybercriminals change their tactics. Next to ransomware attacks, the biggest attacks we're seeing are going to be so-called business email compromises…and this is something we've seen recently locally. It happened to a county employee,” Chancey said.
He cited a 2023 cyberattack on the St. Johns County Clerk of Courts. Cybercriminals modified a construction company's banking operations within the clerk's website.
Authorities did not realize that county funds were being paid directly to cybercriminals until more than $1 million had been transferred.
“These attacks compromise email accounts and leave them alone for weeks,” Chancey says. “They learn all of your transactions and business, intercept incoming payment information, pass it on to someone else, and turn it into something else. That means you may think you paid a vendor or contractor. In reality, you just paid the threat actor, and it can take weeks before you realize the money is gone.”
The Biden administration only strongly encourages the public and private sectors not to pay ransoms. A spokesperson for the Department of Health and Human Services said it does not take a formal position on banning cyber payments, leaving that up to the National Security Council and FBI.
WJXT News4JAX Copyright 2024 – All rights reserved.