Former UK Cybersecurity Chief Says Laws Are Needed to Stop Ransomware Payouts
“People are paying bitcoin to criminals and claiming back cash” via insurance claims, Ciaran Martin said.
Jan 25, 2021 at 9:43 a.m. UTCUpdated Sep 14, 2021 at 11:00 a.m. UTC
:format(webp)/cloudfront-us-east-1.images.arcpublishing.com/coindesk/CEWVUYIEZ5AZBEA47MF3PQROGY.jpg)
/arc-photo-coindesk/arc2-prod/public/LXF2COBSKBCNHNRE3WTK2BZ7GE.png)
The U.K.’s former cybersecurity chief said companies paying hackers to recover from ransomware attacks are funding organized crime, and new laws may be needed to stop the practice.
- Ciaran Martin, who was the founding chief executive of the National Cyber Security Centre (NCSC), told The Guardian that insurance firms sending funds on behalf of affected companies have made it “OK to pay out to criminals.”
- “People are paying bitcoin to criminals and claiming back cash” via insurance claims, Martin said.
- Criminal gangs often from Russia or other former Soviet states are fueling the ransomware problem, according to the report.
- The U.K.’s extortion laws were formed mainly in response to the threat of kidnapping and forbid the payment of ransoms to terrorists, but don't apply to ransomware demands.
- “In the last year, experts are saying this is close to getting out of control,” said Martin. “You have to look seriously about changing the law on insurance and banning these payments, or at the very least having a major consultation with the industry”.
- Chainalysis recently reported ransomware attacks were up 311% in 2020 when compared to the year before.
:format(webp)/downloads.coindesk.com/arc/failsafe/user/1x1.png)