Top officials again push back on ransom-payment ban

The Institute for Security and Technology’s Ransomware Task Force threw cold water on the need for a ransomware payment ban in a report released Wednesday.

The nonprofit Institute for Security and Technology rejects the viability of a ransom payment ban for multiple reasons, including:

• Concerns about a ban’s impact on ransom payment reporting by victims.
• The potential to drive more payments underground.
• And the unintended consequences and practicalities of critical infrastructure exemptions.

Rather than a ban, the RTF detailed 16 milestones it asserts would be “the most reasonable and effective approach to reducing payments.”

“While a ban may be an easier policy lift than activities designed to drive preparedness, it will almost certainly create the wrong kind of impact,” the RTF co-chairs said via email. “The number of organizations making payments is declining, which suggests we’re on the right path.”

Most of the RTF’s recommendations are already in place, under development or at least partially underway. All but one of the proposals were originally shared in a report the group released in September 2021.

To view the list of 16 milestones and read the rest of the article, visit Cybersecurity Dive.