Adam Shostack  Mar 19, 2024

Banning ransomware payments is an incredibly attractive idea.

Proponents need to explain why it’s going to work any better than bans on buying drugs. Why will two “willing” participants not going to find a way? What do we gain by adding criminal penalties to victims trying to recover their businesses?

Show threadPeter DodemontMar 19, 2024
@adamshostack This seems like a flawed comparison. An individual's risk appetite is significantly different from a business's.
If there is no point banning things, why are there rules on money laundering or payments to terrorists or other sanctioned entities.
I biggest potential issue I see is this will create some form of underground market. I hope they balance the ban with incentives to disclose issues so we can get a much better picture of the overall state.
Show threadLes Sizemore
@PeterDodemont @adamshostack a bounty system could be a start. Dox the ransomer for a bonus.
Mar 19, 2024 at 5:51amWeb