Government and industry look to cryptocurrency regulation to slow ransomware

However, experts warn that crypto laws won’t be a silver bullet against attacks

Tech companies and industry groups are urging governments to act against the rising threat of ransomware by regulating cryptocurrency.

The Ransomware Taskforce has released a report urging governments to require cryptocurrency exchanges, crypto kiosks, and over-the-counter trading desks to comply with existing laws, including Know Your Customer (KYC), Anti-Money Laundering (AML), and Combatting Financing of Terrorism (CFT) laws. The task force comprises participants from governments, software firms, cyber security vendors, non-profit and academic institutions worldwide.

The Combating Ransomware report made 48 recommendations to address the ransomware threat.

It called on the US to “lead by example” and execute a “sustained, aggressive, whole of government, intelligence-driven anti-ransomware campaign, coordinated by the White House.”

It said this must include the establishment of an Interagency Working Group led by the National Security Council in coordination with the nascent National Cyber Director; an internal US Government Joint Ransomware Task Force; and a collaborative, private industry-led informal Ransomware Threat Focus Hub.

The report also urged coordinated, international diplomatic, and law enforcement efforts to proactively prioritize ransomware through a comprehensive, resourced strategy, “including using a carrot-and-stick approach to direct nation-states away from providing safe havens to ransomware criminals.”

Industry figures welcomed tighter regulation but said such laws should not treated as a sole means of stopping ransomware.

Peter Grimmond, International CTO & International VP Technical Sales at Veritas Technologies, told ITPro that tighter regulation on cryptocurrencies will certainly “throw a spanner in the works for cybercriminals but businesses should be wary of thinking of this as a silver bullet or of letting their guard down.”

“Hackers have a long history of finding ways of getting paid for their activity. In the early days, it was sending cheques to anonymous PO boxes, then making payments to anonymous vendors on eCommerce marketplaces. As these routes were shut down, hackers evolved their payment demands to cryptocurrencies,” Grimmond said.

Grimmond added that while he supported any move that makes it harder for criminals to take advantage of the organizations, businesses should be wary of a false sense of security cryptocurrency regulation might bring and remain mindful that the best way to protect themselves is to ensure their data is backed up and encrypted.

Related Resource

The business guide to ransomware

Everything you need to know to keep your company afloat

The business guide to ransomware - whitepaper from DattoFree download

Ilia Kolochenko, CEO, founder, and chief architect at ImmuniWeb, told ITPro the report provides a broad spectrum of valuable and bright ideas. However, most of them are "burdensome and far too expensive from a practical viewpoint."

"Strong global collaboration to combat cybercrime is probably a utopia, especially amid the rapidly growing political tensions around the globe, unclarity of international law’s application to cyberwar and disruptive aggressions in the digital space," Kolochenko said.

"Sadly, virtually all Western law enforcement agencies are significantly underfunded today, while efficient combat with ransomware will probably require at least a tenfold budget increase - just to address this isolated phenomena. Spiraling pandemic losses will unlikely allow countries to spend more on cybercrime prosecution and investigation units unless the private sector donates billions of dollars. Fighting digital currencies is a waste of time, cybercriminals will find a myriad of other smart ways to bypass sanctions and get paid in impunity."

Featured Resources

Next-generation time series: Forecasting for the real world, not the ideal world

Solve time series problems with AI

Free download

The future of productivity

Driving your business forward with Microsoft Office 365

Free download

How to plan for endpoint security against ever-evolving cyber threats

Safeguard your devices, data, and reputation

Free download

A quantitative comparison of UPS monitoring and servicing approaches across edge environments

Effective UPS fleet management

Free download

Recommended

30 countries announce crackdown on ransomware payments
ransomware

30 countries announce crackdown on ransomware payments

15 Oct 2021
Senators seek to reform Section 230 protections
Policy & legislation

Senators seek to reform Section 230 protections

14 Oct 2021
Biden is confident in the nation’s cyber security efforts
cyber security

Biden is confident in the nation’s cyber security efforts

4 Oct 2021
Dual citizen sentenced to 11 years for role in North Korean crypto hacking scheme
hacking

Dual citizen sentenced to 11 years for role in North Korean crypto hacking scheme

10 Sep 2021

Most Popular

UK spy agencies supercharge espionage efforts with AWS data deal
cloud computing

UK spy agencies supercharge espionage efforts with AWS data deal

26 Oct 2021
Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Cryptocurrency: Should you invest?
cryptocurrencies

Cryptocurrency: Should you invest?

27 Oct 2021