For the record, 100% this. A lot of the arguments against this fall apart with any basic level of scrutiny and are largely being made by people and orgs who directly or indirectly benefit from the status quo.
Nothing should be off the table, and it may well help manage ransomware groups' targets if this option were very much on the table, in fact.
One of the defining things I've seen at every org I've talked to about ransomware preparedness is that they've spent more time deciding if and how they would pay a ransom (who gets the call: the CEO, the board, etc.) than actually preparing cyber resilience.
Orgs are discussing the wrong thing first because it’s seen as completely normal to pay. That’s all our fault.
@GossiTheDog Counterpoint: it's their fault, because they view every problem as a certain quantification of money to be gained or lost. And the big power game is who has the power to spend the company's money. So they will focus on the expense, and on the person in charge of approving it.
I only came off the fence about looking seriously at banning payment late last year, and boy is there pushback in private; I keep getting told I'll kill the golden goose.
In an industry which thinks it is (cyber) punk (about challenging systems, etc.), the most controversial thing I've apparently said or done is raise this one.
It is the elephant in the room, it is allowing the industry - including me - to fail upwards. I wish it wasn’t controversial to point this out.
@GossiTheDog@cyberplace.social As much as banning payments sounds like a good idea, IMO it won't improve the ransomware epidemic. The solution is financial levers via cyber insurance, cat bonds, and focusing on the basics. Bans of financial practices have done little to actually prevent them. Corporations just get better at hiding them. Corporations constantly still break Sarbox, and the US government can barely keep up with enforcing it and other financial laws. The assumption that corporations won't break the law is asinine. They do it every day and will continue to do so. That's the American way (tm).
@GossiTheDog@cyberplace.social Do they really though? Take a look at any of OSHA's data or any other safety agency. These are just the infractions they find.