Rising Threats: Ransomware Attacks and Ransom Payments

Senate Committee on Homeland Security and Governmental Affairs – Full Committee Hearing

Witnesses:

● Megan Stifel: Chief Strategy Officer for the Institute for Security and Technology

● Bill Siegel: CEO of Coveware

● Jacqueline Burns Koven: Head of Cyber Threat Intelligence at Chainalysis

The Senate Committee on Homeland Security and Governmental Affairs initiated this hearing to better understand the use of cryptocurrency in ransomware.

Megan Stifel explained that ransomware is a significant threat because it is surrounded by a confluence of factors, all of which must be addressed if ransomware itself is to be addressed. Stifel said that any policy solution needs to support collaboration across industries, promote harmony among government information-sharing platforms, and ensure access to clear, concise, and timely information. Her recommendations include a sustained multi-stakeholder coalition on ransomware, an emergency ransomware fund, federally provided frameworks for preparation against ransomware, mandated incident reporting, and a study into the regulation of cryptocurrency.

Bill Siegel argued that mandated reporting is the most immediately necessary step, and that reporting requirements should be expanded to all companies rather than only those under the jurisdiction of CISA. Siegel foresees this kind of policy having two main impacts: the U.S. government will gain clarity on the true scope of the problem and greater clarity on what to do about it.

Jacqueline Burns Koven explained how blockchain technology actually makes cryptocurrency easier to track than traditional extortion payments like cash: law enforcement can be more efficient in investigations on the blockchain than in traditional financial investigations, and the blockchain allows investigators to find ransomware gangs through linked networks. Burns Koven then discussed the need for private-public collaboration in this space and set forth three recommendations: improve ransomware reporting and information sharing with clear guidance on the when, where, and what to report; ensure government agencies have adequate funding to conduct investigations; and collaborate with other countries to set forth robust global money laundering laws.