New bill sets ransomware attack response rules for US financial orgs

New legislation introduced this week by US lawmakers aims to set ransomware attack response “rules of the road” for US financial institutions.

The Ransomware and Financial Stability Act (H.R.5936) was introduced this week by the top Republican on the House Financial Services Committee, Congressman Patrick McHenry.

If signed into law, the new bill will require US financial institutions impacted by a ransomware attack to notify the Director of the Treasury Department’s Financial Crimes Enforcement Network (FinCEN) with details on the attack and any associated ransom demands.

The Ransomware and Financial Stability Act also preserves the confidentiality of those notifications: reports sent to FinCEN will not be made publicly available and will be exempt from disclosure.

Before making a ransomware payment greater than $100,000 in response to such an attack, an impacted financial institution will have to request a Ransomware Payment Authorization. Institutions will also be required to inform FinCEN within two business days of paying a ransom.

The US President will be able to waive the bill’s requirements if the President determines that the waiver is in the national interest of the United States.

“Ransomware payments in the US have totaled more than $1 billion since 2020. Most notably, this past May, a Russian ransomware attack forced Colonial Pipeline to shut down oil supplies to the eastern United States before the company paid hackers. As disruptive as this hack was, it pales in comparison to what would happen if America’s critical financial infrastructure were to be taken offline,” said Congressman McHenry.

“That’s why I’m introducing the Ransomware and Financial Stability Act of 2021. This bill will help deter, deny, and track down hackers who threaten the financial institutions that make the day-to-day economic activity possible. The legislation will also provide long-overdue clarity for financial institutions that look to Congress for rules of the road as ransomware hacks intensify.”

Ransomware crackdown
This new bill follows a concerted effort to disrupt ransomware operations after attacks on critical US infrastructure, as both ransom demands and the frequency of ransomware attacks have steadily increased in recent years.

The scale of the financial losses suffered by ransomware targets was laid out last month by FinCEN, which linked roughly $5.2 billion in outgoing Bitcoin transactions to ransomware payments.

FinCEN’s analysis is derived from ransomware-related Suspicious Activity Reports (SARs) filed by US financial institutions between January 2021 and June 2021, as required by the Bank Secrecy Act.

On the same day, senior officials from 30 countries revealed, after the US-hosted Counter-Ransomware Initiative meeting, that their governments would crack down on the cryptocurrency payment channels used by ransomware gangs to finance their operations.

Separately, US Deputy Attorney General Lisa Monaco also announced on November 4 that the US will crack down on ransomware activity.

As part of the same set of measures designed to disrupt ransomware gangs’ operations, the US Department of State announced last week rewards of up to $10,000,000 for information on the identity or location of core members of the DarkSide and REvil ransomware operations.

Rewards of up to $5,000,000 were also announced for information leading to the arrest of affiliates and other participants in their attacks.

[Bleeping Computer]
