Community Edition
Total Tests:
This Week:
Today:
Recent Blog Posts
Four Iranian Hackers Charged With Cyberattacks On American Firms
April 25, 2024
An Ex-Amazon Security Engineer Gets 3 Years In Jail For Hacking And Crypto Theft
April 18, 2024
Hacker Fakes His Own Death To Avoid Child Support Payments
April 11, 2024
ATM Skimming Ring Leader Sentenced To 75 Months In Prison
April 4, 2024
German Authorities Dismantle the Nemezis Market Dark Web Marketplace
March 28, 2024
Stay in Touch

Get exclusive updates and invitations to our events and webinars:


Your data will stay confidential Private and Confidential

ImmuniWebInternational Media Coverage

New Ransomware Reporting Rules for US Financial Institutions: Proposed Bill Would Require Government Permission for Payments Over $100,000

By Scott Ikeda for CPO Magazine
Friday, November 19, 2021

The bill’s level of support is questionable, given that it appears to have no co-sponsors and no Senate version. The Biden administration has had increased interest in ransomware reporting requirements since the attacks on Colonial Pipeline and JBS occurred earlier in the year, but thus far those efforts have been directed at industries in the physical realm of critical infrastructure without much attention paid to financial institutions. New cybersecurity regulations put in place by the administration have thus far focused on the energy industry and water utilities, mandating that companies report any attacks within 24 hours in some cases.

Ilia Kolochenko, CEO and Chief Architect of ImmuniWeb, thinks the ransomware reporting bill will be a non-starter: “I think the new bill is a disservice for American companies. The more bureaucracy we implement, the more arduous and inefficient a victim’s response will be. Sometimes, an undelayed payment of a ransom can prevent critical data from being placed on a Dark Web marketplace and then be acquired by nation-state threat actors. Today, virtually all ransom demands exceed $100,000 and thus will be subject to laborious approval requirements. Worse, the new bill tackles attack consequences instead of treating the root causes of ransomware. We need more cybersecurity programs in American colleges and universities, a unified data protection law on a federal level that would cover all industries in all US states, support and free cybersecurity training to SMEs, and an immediate budget increase for cyber law enforcement units who struggle to hire talent or even to buy forensic software. Prosecuting foreign hackers from extradition-proof countries and collecting intelligence about untraceable ransom payments will be unlikely to slow down the global pandemic of ransomware.” Read Full Article


Previous Media Publications:

SecurityWeek: The Wild West of the Nascent Cyber Insurance Industry

eSecurityPlanet: U.S. State Department Puts $10 Million Bounty on DarkSide Ransomware Group

This website uses cookies to provide you with a better surfing experience. To learn more, please visit our Privacy Policy. By continuing to use this website you consent to our use of cookies.

Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
Your data will stay private and confidential