Ransomware attacks have surged this year, despite efforts to curb them.
As a result, experts are now reconsidering the idea of banning ransom payments altogether, Bloomberg reported Wednesday (Oct. 25).
Ransomware payments have reached nearly $500 million through September, marking a 50% increase compared to the same period last year, according to the report, which cited data from blockchain analytics firm Chainalysis.
Corvus Insurance reported a 95% increase in ransomware attacks during the first three quarters of this year compared to the previous year, the report said.
However, these figures may not fully capture the extent of the problem, as many attacks go unreported, and ransom payments are rarely made public, per the report.
In an earlier and ongoing response to the threat, the Institute for Security and Technology established a task force on ransomware and released a series of recommendations in April 2021, according to the report. By May of this year, it reported that action had been taken on 92% of its suggestions.
Progress has been made through legislation and policy adoption, with efforts focused on improving cybersecurity, the report said. Federal grants have been allocated to small organizations, and corporate boards of directors are placing greater emphasis on addressing ransomware. The U.S. government has also taken steps to disrupt ransom payments and apprehend hackers.
Despite these measures, experts argue that more needs to be done, per the report. Deputy National Security Advisor Anne Neuberger will address an upcoming ransomware summit in Washington, urging governments to commit to not paying ransoms to hackers.
Neuberger has expressed optimism about garnering support for a joint statement against ransom payments, while acknowledging that it was a “hard policy decision,” PYMNTS reported Oct. 16.
However, skeptics contend that banning payments may not entirely solve the problem, according to the report. They suggest that hackers will simply shift their focus to entities that are still willing to pay or engage in other illicit activities.
While companies and organizations must fortify their cyber defenses, expanding cybersecurity requirements across a broader range of businesses and organizations faces opposition, the report said. The task force is considering reassessing the progress on the remaining recommendations to identify obstacles hindering further improvements.
As the threat increases, enterprises are making a number of moves to help ward-off would-be fraudsters, Michael Jabbara, vice president and global head of fraud services at Visa, told PYMNTS in an interview posted in September.
These efforts include educating employees, filtering out malicious emails and enlisting new identity verification tools, Jabbara said.