Will the US government’s response to ransomware be an effective deterrent for bad actors?

2.6k views10 Comments

Founder/Chairman/CTO in Telecommunication, 201 - 500 employees
The degree of political pressure or danger for ransomware operators is more real today than it was a year ago, but it's definitely not enough to be a deterrent. When I talk about ransomware, I always try to frame it as a business model rather than as a piece of malware, because it got popularized by grandpa getting phished and we've gotten stuck on thinking about it that way. Ransomware is the ability for a financially motivated bad actor to monetize things that would've been worthless in the absence of ransom as a business model. And that suggests that it will continue to evolve and innovate.

There was an interesting campaign against MongoDB and Elasticsearch around 2018, where ransomware operators were saying, "I have your data. Pay me and I'll give it back to you." But they weren't doing that. They were just deleting everything. At the time, that would probably get you hurt by your competitors as a ransomware operator, because they pride themselves on being able to support their customer. But now we've moved on from that. Now there’s this idea of a secondary take around disclosure and spreading out information in that sense just seems like what I'd want to do as a bad actor. So what's next? It doesn't seem to be fading away as a means for cyber criminals to make money.
Director of IT in Manufacturing, 5,001 - 10,000 employees
yes of course  US government’s will response to ransomware
VP( Network Engineering and Delivery) in Telecommunication, 10,001+ employees
Acknowledging it as a major threat and providing government backing by involving department of justice in enacting many rules and punishment clauses , demonstrate visible government commitment to tackle this issue. More so it is advocating shared responsibility model , emphasizing need and requirement by private sectors to spruce up their cyber defense as well as call for international cooperation to jointly tackle this menace is quite significant.

Other initiatives include US Cyber Command and National Security Agency are dedicating people, technology, and expertise to generate insights and options against ransomware actors.

It will definitely act as a deterrent for bad actors. 
CIO in Services (non-Government), 1,001 - 5,000 employees
No, the government could shut all ransomware down immediately if it banned digital currency.
CTO in Transportation, 11 - 50 employees
It may be a deterrent for some of the smaller players on the field that may move to some other field of forms of attack, scam.

The issue I see is that the potential payouts are so big that bigger actors in the field will continue to evolve in attack sophistication.  

Ransomware is here to stay, either in the current form or some evolution of it. 
Director of Service Operations in Finance (non-banking), 10,001+ employees
No. Locks still only keep honest people out. The US from a group-political stand point is also viewed globally as softer under the current administration. Ransomware will continue. The psychology of most bad actors is what also drives them. They have a “we are smarter than you mentality”. The bigger threat is also not ransomware, it’s the malicious, seek to destroy bad actors that are not driven by money or a reward, they just want to to inflict destruction. Ransomware will never go away, but only smaller unorganized players, possibly, will take any US threats as real.
Director of IT in Healthcare and Biotech, 10,001+ employees
Yes, we saw this last year when the President signed an executive order to improve the national cybersecurity systems (this was around the attacks on Microsoft Exchange, Colonial Pipeline, and Solarwinds - all of which were in the news). Sanctions are on the table against bad actors, this could however have negative implications on relationships with other countries. 
IT Strategist in Government, 1,001 - 5,000 employees
Of course government attention leading to development of proper policies and deterrents against the ransomware is going to help. What is also important, in my opinion, is for the government to develop a comprehensive set of recommendations and procedures for recovery for such attacks. Lots of businesses do not realise that they do not have proper recovery and contingency plans until the actual disaster happens. We saw it with COVID and we need to learn from our mistakes and improve. Government agencies doing research and recommendation on best practices will benefit everyone.  
VP in Construction, 51 - 200 employees
It is difficult to deter these bad actors, because of the financial gain involved. As an illustration, no matter how hard the government clamps down on terrorism, it doesn't deter the actors involved because of the perceived gain. 
For the bad actors involved in ransomware, it has become a way of life, in fact, it is a means of life, sustenance I dare say.
Global CTO in Construction, 10,001+ employees
The response of a country in isolation helps but it is not enough. A global solution must be sought, to protect ourselves, but especially to seek ways to punish hackers or even the countries that host or finance them. In addition, it is necessary to combine and align the efforts of public institutions with private companies.

Content you might like

CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
Read More Comments
48.8k views133 Upvotes326 Comments