US House bill prohibits ransomware payments over $100,000

Ransomware infection Image

The US House of Representatives is on the brink of passing a significant bill aimed at curbing the scourge of ransomware attacks by prohibiting payments exceeding $100,000. The primary objective is to safeguard the nation’s financial infrastructure from the growing threat of ransomware.

The reintroduction of the Ransomware and Financial Stability Act by the House Financial Services committee Chairman signals a proactive stance in combating ransomware threats. Expected to garner full house endorsement following a brief deliberation next week, the legislation seeks to dissuade the proliferation of ransomware and associated criminal activities.

Central to the bill are provisions mandating authorization from the Treasury Department prior to any ransom payments. Notably, if the ransom demand exceeds $100,000, clearance from law enforcement or the president is required, effectively halting the payment process until such authorization is granted.

The urgency of such measures cannot be overstated, particularly in light of recent data from Chainalysis revealing ransom payments exceeding $1 billion in 2023 alone. Moreover, the bill underscores its commitment to ensuring the security and confidentiality of information pertaining to ransomware attacks targeting financial institutions.

Nevertheless, there remains ambiguity regarding the impact of the bill on the prevalence of cryptocurrencies, given the challenges associated with regulating these decentralized digital assets. The inclusion of provisions to restrict the use of cryptocurrency in ransom payments underscores the government’s dilemma in effectively combating cyber-crime.

In sum, the White House’s proactive stance in addressing ransomware threats through legislative measures is a step in the right direction. It is hoped that these efforts will lead to the eventual eradication of this menace.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display