Report: Inadequate reporting hampers US fight against ransomware

The U.S. is facing challenges in effectively combating increasingly prevalent ransomware attacks across the country due to law enforcement and regulatory agencies' limited ransomware insights stemming from insufficient reporting of attacks and payments, reports BleepingComputer. "The federal government lacks comprehensive data on ransomware attacks and use of cryptocurrency in ransom payments. Current reporting of ransomware attacks and ransom payments made in cryptocurrency is fragmented across multiple federal agencies," said a report from Senate Homeland Security and Governmental Affairs Committee Chairman Gary Peters, which noted that federal agencies only get to understand a fraction of the ransomware threat from the reports they receive. Such gaps have prompted Peters to recommend the immediate federal adoption of ransomware attack and payment reporting requirements, as well as standardized ransomware incident and payment data. Congress has also been recommended to create more public-private ransomware investigations, as well as advance information sharing initiatives. "My bill that was recently signed into law to require critical infrastructure to report cyber-attacks and ransomware payments will be a significant step to ensuring our government has better data to understand the scope of this threat, disrupt the incentive virtual currencies provide for cybercriminals to commit attacks, and help victims quickly recover after breaches," said Peters.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.