I've grudgingly come around to the notion that there is only one way out of the ransomware problem: Make paying a ransom illegal. This is not very different from laws that make it illegal for US companies to pay bribes to foreign officials.

I really don't see any other way out of this mess. Yes, some victims will unfortunately ignore any laws that say they can't pay, but enforcement probably will not be hard.

What will be difficult are the situations where people's lives are at stake in ransomware incidents. This sounds callous, but we can't afford to take the short view here anymore, and our other alternatives aren't great either.

I'm quite certain this is an unpopular view, but we have already seen the cost of doing nothing. At least in the interests of congruity for our financial sanctions vs Russia, we should probably make this change sooner rather than later.

@briankrebs Isn’t it already illegal to hold someone to ransom? Why can’t that be enforced? More control on crypto wouldn’t hurt since that’s what fueled ransomware.

@gadgetgav @briankrebs

I'd ban crypto before telling ransomware victims they're damned if they do and damned if they don't. If there's some other dependable way to collect ransoms without getting caught we can revisit the matter. Crypto is itself a Ponzi scam so you'd be hitting two cuckoo weavers with one stone.

@buermann @gadgetgav Banning crypto sounds like a nice idea, but it's a tad difficult in practice nowadays. Banning payments is 100x simpler.

@briankrebs @buermann I don’t see how banning payments will work though. There will be enough people who value the ransomed thing enough to break that law, so the driver for ransom will never dry up completely and the cost to the ransomware maker is negligible. No cost to them if the victim doesn’t pay and never gets access to their data.
And I didn’t suggest banning crypto, just some control of it. If it’s as good as its proponents claim, there should be no problem with some regulation.