Victims of ransomware attacks would be required to report payments to their hackers within 48 hours under a proposal from Democratic Senator Elizabeth Warren and Democratic Representative Deborah Ross.
The Ransom Disclosure Act would give the Department of Homeland Security data on ransomware payments, including the amount of money demanded and paid, and the type of currency used. The lawmakers say this is essential to bolster the U.S. government’s understanding of how hackers operate and the extent of the ransomware threat.
“Ransomware attacks are skyrocketing, yet we lack critical data to go after cybercriminals,” Warren said in a statement on Tuesday.
Lawmakers and U.S. officials have been pressing for more regulations since the attack on Colonial Pipeline Co. in May forced the shutdown of the nation’s largest fuel pipeline until the company paid $4.4 million in ransom. Other critical infrastructure has also been targeted, including hospitals and food supply chains. The Biden administration recently backed a separate proposal from Democratic Senator Gary Peters and Republican Senator Rob Portman that would require attacks on federal agency networks and contractors to be reported to the Cybersecurity and Infrastructure Security Agency.
Read more: Behind the Crypto Broker Accused of Enabling Ransomware Hackers
To contact the reporter on this story:
Laura Curtis in Washington at lcurtis7@bloomberg.net
To contact the editors responsible for this story:
Kasia Klimasinska at kklimasinska@bloomberg.net
Catherine Larkin
© 2021 Bloomberg L.P. All rights reserved. Used with permission.
