Imagine a world where ransomware victims across the globe simply refused to pay their attackers. In theory, the attackers would quickly realize their extortion business model no longer made any sense.
As has been widely observed, victims who pay attackers simply fuel the next wave of ransomware. It follows from this that as long as paying continues to be the default option for many victims, ransomware will only get worse.
As this blog has reported, that is why the idea of banning ransom payments has been kicking around in government circles in the United States and elsewhere for some time.
The catch: to have any chance of success, governments across the world would have to follow the same policy with no backsliding. Getting agreement on this has always been a major obstacle, but it now looks as if an early version of a ban might be within reach.
Last week at the U.S. Government’s third annual International Counter-Ransomware Initiative in Washington, D.C., it was announced that up to 50 countries represented at the meeting had endorsed the idea of a non-payment policy for attacks against government servers.
It’s an impressive display of resolve even if the effect of a ban on payments by governments would be mostly symbolic at a time when most attacks are against private organizations.
Nevertheless, the Counter-Ransomware Initiative agreement has other tricks up its sleeve that might be more significant. One of these is to track and blacklist cryptocurrency wallets that attackers use to receive ransom payments. If a more coordinated system could be found to block those, instructing government agencies not to pay ransoms might become moot; the payments would never reach the criminals.
The worry is that refusing to pay or disrupting payments by governments might not be as successful as its advocates believe. Money isn’t the only motivation that gets some criminals out of bed in the morning and there’s also the possibility that rogue states would pay them to continue causing mayhem.
Making this work would also require countries to share intelligence, act more quickly when they receive it, harmonize rules on money laundering, and agree to pursue named criminals more diligently than some have been doing.
As the country that’s probably the most targeted, the United States sees its role as pushing the countries around it to take enterprise cybercrime such as ransomware more seriously before the problem deteriorates even further.
Global cooperation isn’t a panacea—cybercrime existed long before ransomware arrived and would continue in a variety of forms even if ransomware was somehow ended. But it might give everyone some relief from its effects before a new and possibly even more dangerous era of cybercrime is unleashed by technologies such as AI.