Government and industry look to cryptocurrency regulation to slow ransomware

However, experts warn that crypto laws won’t be a silver bullet against attacks

Tech companies and industry groups are urging governments to act against the rising threat of ransomware by regulating cryptocurrency.

The Ransomware Taskforce has released a report urging governments to require cryptocurrency exchanges, crypto kiosks, and over-the-counter trading desks to comply with existing laws, including Know Your Customer (KYC), Anti-Money Laundering (AML), and Combatting Financing of Terrorism (CFT) laws. The task force comprises participants from governments, software firms, cyber security vendors, non-profit and academic institutions worldwide.

The Combating Ransomware report made 48 recommendations to address the ransomware threat.

It called on the US to “lead by example” and execute a “sustained, aggressive, whole of government, intelligence-driven anti-ransomware campaign, coordinated by the White House.”

It said this must include the establishment of an Interagency Working Group led by the National Security Council in coordination with the nascent National Cyber Director; an internal US Government Joint Ransomware Task Force; and a collaborative, private industry-led informal Ransomware Threat Focus Hub.

The report also urged coordinated, international diplomatic, and law enforcement efforts to proactively prioritize ransomware through a comprehensive, resourced strategy, “including using a carrot-and-stick approach to direct nation-states away from providing safe havens to ransomware criminals.”

Industry figures welcomed tighter regulation but said such laws should not treated as a sole means of stopping ransomware.

Peter Grimmond, International CTO & International VP Technical Sales at Veritas Technologies, told ITPro that tighter regulation on cryptocurrencies will certainly “throw a spanner in the works for cybercriminals but businesses should be wary of thinking of this as a silver bullet or of letting their guard down.”

“Hackers have a long history of finding ways of getting paid for their activity. In the early days, it was sending cheques to anonymous PO boxes, then making payments to anonymous vendors on eCommerce marketplaces. As these routes were shut down, hackers evolved their payment demands to cryptocurrencies,” Grimmond said.

Grimmond added that while he supported any move that makes it harder for criminals to take advantage of the organizations, businesses should be wary of a false sense of security cryptocurrency regulation might bring and remain mindful that the best way to protect themselves is to ensure their data is backed up and encrypted.

Related Resource

The business guide to ransomware

Everything you need to know to keep your company afloat

The business guide to ransomware - whitepaper from DattoDownload now

Ilia Kolochenko, CEO, founder, and chief architect at ImmuniWeb, told ITPro the report provides a broad spectrum of valuable and bright ideas. However, most of them are "burdensome and far too expensive from a practical viewpoint."

"Strong global collaboration to combat cybercrime is probably a utopia, especially amid the rapidly growing political tensions around the globe, unclarity of international law’s application to cyberwar and disruptive aggressions in the digital space," Kolochenko said.

"Sadly, virtually all Western law enforcement agencies are significantly underfunded today, while efficient combat with ransomware will probably require at least a tenfold budget increase - just to address this isolated phenomena. Spiraling pandemic losses will unlikely allow countries to spend more on cybercrime prosecution and investigation units unless the private sector donates billions of dollars. Fighting digital currencies is a waste of time, cybercriminals will find a myriad of other smart ways to bypass sanctions and get paid in impunity."

Featured Resources

How to be an MSP: Seven steps to success

Building your business from the ground up

Download now

The smart buyer’s guide to flash

Find out whether flash storage is right for your business

Download now

How MSPs build outperforming sales teams

The definitive guide to sales

Download now

The business guide to ransomware

Everything you need to know to keep your company afloat

Download now

Recommended

JEDI contract's future becomes murky after AWS court win
Policy & legislation

JEDI contract's future becomes murky after AWS court win

11 May 2021
New York seeks to ban bitcoin mining over power consumption
cryptocurrencies

New York seeks to ban bitcoin mining over power consumption

6 May 2021
US lawmakers call for restrictions on software exports to Chinese chip companies
Hardware

US lawmakers call for restrictions on software exports to Chinese chip companies

16 Apr 2021
Pennsylvania county shells out a $500K ransom to recover stolen data
ransomware

Pennsylvania county shells out a $500K ransom to recover stolen data

30 Nov 2020

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021