back to article US officials close to persuading allies to not pay off ransomware crooks

Top White House officials are working to secure an agreement between almost 50 countries to not pay ransom demands to cybercriminals as the international Counter Ransomware Initiative (CRI) summit gets underway in Washington DC Tuesday. "This was a really big lift, and we're still in the final throes of getting every last …

  1. Sora2566 Bronze badge

    And so, cryto became tightly regulated and tightly monitored by the government, losing its two big selling points.

    1. Clausewitz4.0 Bronze badge
      Black Helicopters

      And so, cryto became tightly regulated and tightly monitored by the government

      Not at all. Use Monero. A friend of a friend also told him he would happily exchange Bitcoins for Monero for a small fee. With cryptocurrency, USA sanctions are pretty much useless.

    2. DS999 Silver badge

      The "ransomware is a false flag to crack down on crypto" meme

      Makes me laugh. The cryptobros are just worried that one of the biggest "markets" for crypto will go away if everyone quits paying ransom.

      1. MachDiamond Silver badge

        Re: The "ransomware is a false flag to crack down on crypto" meme

        "The cryptobros are just worried that one of the biggest "markets" for crypto will go away if everyone quits paying ransom."

        There's still guns and drugs with some underage pr0n thrown in.

  2. DS999 Silver badge

    Finally doing what I said they should do

    Like five years ago when ransomware was starting to become a thing. Better late than never I guess!

    It would have been so much easier to crack down on it back before it became so established, now that it has been ingrained into the business world as a "cost" (you can even buy ransomware insurance!) there will probably be pushback from companies that are hit by it during the interim between the ban and between the ransomware people giving up because it no longer pays. No doubt that will be painful for those so afflicted, but if they try to delay it or cheat their way around the ban it will only delay the day before ransomware becomes a thing of the past.

    1. Lurko

      Re: Finally doing what I said they should do

      This could be a good thing, but the big question is what the vermin behind ransomware will turn their hand to next. They're clearly not going to go and get an honest job, their skills are in cyber-attacks, and they'll come up with ways to make money from those skills.

      Ransomware and blackmail against individuals won't bring in sufficient money, blackmailing fellow criminal groups is likely to result in a very unpleasant death. Perhaps they'll move to short selling a company before making attacks on company operations to specifically take down the company and cause as much damage as possible?

      1. DS999 Silver badge

        Re: Finally doing what I said they should do

        Oh I'm sure they'll do something but if there was something else they could do as easy and lucrative as ransomware they'd already be doing it.

      2. doublelayer Silver badge

        Re: Finally doing what I said they should do

        My guess: ransomware where they tell the victim that they need to avoid telling anyone that they've paid a ransom. While I support making payment of ransoms illegal, I don't think it will eliminate companies that find some way of doing it. After all, companies manage to pay bribes without writing "cost center: general corruption, item: bribe" on their balance sheet. I've been hoping that, since executives seem to be legitimately frightened about the risk from ransomware, that it would mean more tested backups. Unfortunately, if it has, it hasn't been enough.

        1. DS999 Silver badge

          Re: Finally doing what I said they should do

          If they make payment of ransoms illegal, and they pay ransoms anyway then they've broken the law. And not only broken the law but are part of a conspiracy because there would need to be multiple people involved to make that payment happen - at minimum the CEO to make the call to pay the ransom, the CFO or someone else with authority to transfer money from corporate accounts, plus someone of a techie bent who would know how to exchange the money they transferred into crypto so they can make the payment. Then assuming they even get the password to unlock their files they have to give that to their lower level IT people to decrypt everything (and they are going to wonder how they got the password if paying ransom is illegal...)

          So you have multiple people who could squeal on the whole affair, or turn state's evidence if the Feds find out via e.g. watching money flows and seeing money come out of the corporate account and go to a crypto exchange. Obviously corporate leaders knowingly commit crimes all the time, but something that could be charged under RICO laws is bad place to be since they could do real time if they're caught.

          1. doublelayer Silver badge

            Re: Finally doing what I said they should do

            I get it, and I think banning paying ransoms is a good idea. I'm just speculating on what could happen if they do it, and I can easily imagine a company starting up to consult on recovering from ransomware which ends up taking the money paid to them as "consulting fees" and using part of it to pay a ransom. The attacked company can then claim that they paid consultants to help get them up as quickly as possible and they had no idea what they did to make that happen. Not that it would necessarily work, but I wouldn't be surprised to see someone try it.

            1. DS999 Silver badge

              Re: Finally doing what I said they should do

              Yeah I get what you're saying and there will be some cheating here and there. But if the success rate for ransomware payments drops by 98%, the ransomware guys will find something else to do like attacking crypto wallets on smartphones to steal bitcoin.

        2. Jimmy2Cows Silver badge

          Re: Finally doing what I said they should do

          It's only governments and their departments that have signed up to not paying ransoms. Unclear whether they will expect this from their contracted businesses, or indeed if they will make it illegal for anyone to pay ransomware.

          Making it illegal would mostly kill it overnight. I'd fully support that. Sure, some companies would risk it. Plenty already break the law all the time, and usually don't get caught. Robust enforcement seems key, but how do you police it?

        3. MachDiamond Silver badge

          Re: Finally doing what I said they should do

          "After all, companies manage to pay bribes without writing "cost center: general corruption, item: bribe" on their balance sheet. "

          It's not a bribe, it's payment for consulting and local project guidance.

  3. t245t Silver badge
    Terminator

    How the wintel pc enabled the ransomware infestation

    How about a summit on, how the wintel pc enabled the ransomware infestation.

  4. Anonymous Coward
    Anonymous Coward

    leverage artificial intelligence to analyze the blockchain

    I just KNEW it's only a matter of time to combine the two for The Ultimate Solution!

  5. Anonymous Coward
    Anonymous Coward

    member governments will not pay ransoms

    how about member non-governments?

    1. Clausewitz4.0 Bronze badge
      Black Helicopters

      Re: member governments will not pay ransoms

      Those can always pay through a middlemen in Seychelles or Hong Kong. Write off the fees as consulting.

  6. Anonymous Coward
    Anonymous Coward

    Hold your horses there cowboy!

    It's very easy to say 'Don't pay' but there are other legal responsibilities, specifically those due to the shareholders.

    Paying a ransom incurs a cost, even if insured, but not paying can result in a total loss*. If that happens then there will be a long list of aggrieved shareholders and staff questioning whether the directors did everything in their power to save the company, which includes paying the ransom, and looking for compensation.

    * Not that paying a ransom guarantees that the decryption keys will work as expected.

    1. doublelayer Silver badge

      Re: Hold your horses there cowboy!

      Which is why making it illegal clarifies things. If we agree that it's something people shouldn't do, then doing that removes that particular problem from company directors:

      Shareholder: You're recovering from an attack, yes?

      Director: Yes.

      Shareholder: Why haven't you paid the attacker instead of this expensive recovery?

      Director: That's against the law and the company could get fined if I did. What would that do for your shares?

      Now I think the director has some pretty good reasons not to pay as it is, but just in case the shareholder is determined not to understand why those are good reasons, this makes it much easier to deal with. Of course, this agreement doesn't make it illegal for a company to pay a ransom, just government.

    2. Jimmy2Cows Silver badge

      Re: Hold your horses there cowboy!

      Shareholders should be far more concerned about the lack of an extensive and (here's the critical bit) regularly tested backup and DR plan. Business-crippling data loss is far more likely to occur through general kit failure, outright incompetence, or malicious internal actors, than via ransomware.

      But that's "just IT and they already have a budget, so why do they need more money?"

  7. MachDiamond Silver badge

    Cast in stone policies

    Bad guys don't play by the rules, QED. For the "good" guys to set down unbreakable rules they have to abide by just makes it easier to play the system against itself.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like