IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Government and industry look to cryptocurrency regulation to slow ransomware

However, experts warn that crypto laws won’t be a silver bullet against attacks

Tech companies and industry groups are urging governments to act against the rising threat of ransomware by regulating cryptocurrency.

The Ransomware Taskforce has released a report urging governments to require cryptocurrency exchanges, crypto kiosks, and over-the-counter trading desks to comply with existing laws, including Know Your Customer (KYC), Anti-Money Laundering (AML), and Combatting Financing of Terrorism (CFT) laws. The task force comprises participants from governments, software firms, cyber security vendors, non-profit and academic institutions worldwide.

The Combating Ransomware report made 48 recommendations to address the ransomware threat.

It called on the US to “lead by example” and execute a “sustained, aggressive, whole of government, intelligence-driven anti-ransomware campaign, coordinated by the White House.”

It said this must include the establishment of an Interagency Working Group led by the National Security Council in coordination with the nascent National Cyber Director; an internal US Government Joint Ransomware Task Force; and a collaborative, private industry-led informal Ransomware Threat Focus Hub.

The report also urged coordinated, international diplomatic, and law enforcement efforts to proactively prioritize ransomware through a comprehensive, resourced strategy, “including using a carrot-and-stick approach to direct nation-states away from providing safe havens to ransomware criminals.”

Industry figures welcomed tighter regulation but said such laws should not treated as a sole means of stopping ransomware.

Peter Grimmond, International CTO & International VP Technical Sales at Veritas Technologies, told ITPro that tighter regulation on cryptocurrencies will certainly “throw a spanner in the works for cybercriminals but businesses should be wary of thinking of this as a silver bullet or of letting their guard down.”

“Hackers have a long history of finding ways of getting paid for their activity. In the early days, it was sending cheques to anonymous PO boxes, then making payments to anonymous vendors on eCommerce marketplaces. As these routes were shut down, hackers evolved their payment demands to cryptocurrencies,” Grimmond said.

Grimmond added that while he supported any move that makes it harder for criminals to take advantage of the organizations, businesses should be wary of a false sense of security cryptocurrency regulation might bring and remain mindful that the best way to protect themselves is to ensure their data is backed up and encrypted.

Related Resource

The business guide to ransomware

Everything you need to know to keep your company afloat

The business guide to ransomware - whitepaper from DattoFree download

Ilia Kolochenko, CEO, founder, and chief architect at ImmuniWeb, told ITPro the report provides a broad spectrum of valuable and bright ideas. However, most of them are "burdensome and far too expensive from a practical viewpoint."

"Strong global collaboration to combat cybercrime is probably a utopia, especially amid the rapidly growing political tensions around the globe, unclarity of international law’s application to cyberwar and disruptive aggressions in the digital space," Kolochenko said.

"Sadly, virtually all Western law enforcement agencies are significantly underfunded today, while efficient combat with ransomware will probably require at least a tenfold budget increase - just to address this isolated phenomena. Spiraling pandemic losses will unlikely allow countries to spend more on cybercrime prosecution and investigation units unless the private sector donates billions of dollars. Fighting digital currencies is a waste of time, cybercriminals will find a myriad of other smart ways to bypass sanctions and get paid in impunity."

Featured Resources

Activation playbook: Deliver data that powers impactful, game-changing campaigns

Bringing together data and technology to drive better business outcomes

Free Download

In unpredictable times, a data strategy is key

Data processes are crucial to guide decisions and drive business growth

Free Download

Achieving resiliency with Everything-as-a-Service (XAAS)

Transforming the enterprise IT landscape

Free Download

What is contextual analytics?

Creating more customer value in HR software applications

Free Download

Recommended

Ransomware group Conti threatens to overthrow Costa Rican government
ransomware

Ransomware group Conti threatens to overthrow Costa Rican government

17 May 2022
UK plan to abandon big tech regulator powers “makes no sense”
Policy & legislation

UK plan to abandon big tech regulator powers “makes no sense”

3 May 2022
How governments can build resilience in a new normal
Whitepaper

How governments can build resilience in a new normal

27 Apr 2022
Google Cloud wins tender with Israeli judiciary
Cloud

Google Cloud wins tender with Israeli judiciary

12 Apr 2022

Most Popular

Linux-based Cheerscrypt ransomware found targeting VMware ESXi servers
ransomware

Linux-based Cheerscrypt ransomware found targeting VMware ESXi servers

26 May 2022
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022
Open source packages with millions of installs hacked to harvest AWS credentials
hacking

Open source packages with millions of installs hacked to harvest AWS credentials

24 May 2022