Ransomware Payments Have Set “Dangerous Precedent”

Reading Time: 2 minutes
  • Two ransomware payments have set a “dangerous precedent” according to a prominent American politician
  • U.S. Representative Carolyn Maloney criticized the payouts and asked for details of the transaction
  • The U.S. has also elevated ransomware attacks to the same priority as terrorist incidents

Recent high profile ransomware payments to hacking groups have set a “dangerous precedent” according to US Representative Carolyn Maloney, chair of the House Committee on Oversight and Reform. In letters sent to Colonial Pipeline and CNA Financial, both of whom were recently targeted by ransomware hackers, Chairwoman Maloney criticized the payments made by the companies and asked for details to aid potential tracking of the money through blockchain analysis.

Maloney “Extremely Concerned” by Payments

Colonial Pipeline and CNA Financial have both been victims of ransomware attacks this year, with Colonial targeted in March and CNA in May. Both companies opted to pay to have access to their systems returned to them, something that Chairwoman Maloney was “extremely concerned” about as it could embolden hackers to attack bigger targets.

The negative reaction to the payments came on the same day as the U.S. Department of Justice is said it would begin to treat ransomware attacks with the same priority as terrorism in the wake of the Colonial Pipeline hack. The department pointed to the Colonial Pipeline hack as an example of the “growing threat that ransomware and digital extortion pose to the nation.”

Ransomware Payments Could Be Illegal

Ransomware payouts to criminal enterprises have come under scrutiny before now, with a bill proposed in 2020 that would make such payments illegal. The aim of such a bill was to remove the temptation for hackers to engage in ransomware hacks knowing there was a vastly reduced chance of getting paid.

U.S. companies have started taking out ransomware insurance to cope with the threat of a ransomware attack, but the U.S. Treasury warned in October last year that these insurance companies could be in violation of sanctions orders if the hackers can be traced to sanctioned countries.