
The New Ransomware Law That Could Change How Businesses Handle Cyberattacks

From major operational disruptions to exorbitant ransom payments, the effects of ransomware attacks can be incapacitating. Take Lincoln College, which permanently closed in 2022 due in large part to a ransomware attack — or the Arkansas-based telemarketing firm that shut down and laid off all its employees in 2020 for the same reason.

It’s no surprise. The average ransom payment was up to $1.54 million in 2023, almost double what it was in 2022.

Up until now, though, many large enterprises have been able to just pay the ransom and hope that the problem will go away. The hit to their bottom line from continued downtime can be much larger than the payment being demanded, so it can make sense for major organizations to pay up and move on.

Or at least, it used to. The way that large financial institutions handle ransomware is poised to change with the introduction of a new ransomware bill in the US House of Representatives.

The proposed bill

The Ransomware and Financial Stability Act, spearheaded by House Financial Services Committee Chairman Patrick McHenry and Rep. Brittany Pettersen, proposes a shift in how large companies can respond to ransom demands. It would target the finance industry specifically, including financial utilities, large securities exchanges, and critical technology service providers of core processing services at banks.

At the center of the proposed bill are stringent regulations surrounding ransom payments by financial institutions. Under the legislation, these institutions would be mandated to notify the Treasury Department before paying any ransom demands. If the payment exceeds $100,000, the company would need to seek prior approval from law enforcement (specifically, the Financial Crimes Enforcement Network) or obtain a presidential waiver. 

The goal of the bill, according to the House Financial Services Committee, is to bolster the resilience of our critical financial infrastructure, safeguard our daily economic activity, and deter hackers. It’s also intended to set “commonsense guide rails” for financial institutions and disrupt the economic incentives driving ransomware attacks.

It’s worth noting that the bill includes provisions for exceptional circumstances (i.e. if a ransom payment is in the national interest). It would also allow financial institutions to avoid public disclosure of most of the information surrounding ransomware incidents, underscoring the ever-important balance between transparency and privacy.

Key takeaways

If the Ransomware and Financial Stability Act passes, responding to ransomware will get a lot more complicated for financial organizations. For starters, large companies may be incentivized to implement even stronger data security measures than they already have. From threat detection software to disaster recovery protocols, ironclad cybersecurity defenses will be non-negotiable.

Organizations should also begin employing advanced ransomware mitigation tools like microsharding to prevent operational downtime and to avoid data exfiltration and double extortion. With the rise in sophisticated ransomware tactics, basic mitigation software won’t cut it anymore. Instead, companies need to be planning ahead to maintain their business continuity and data privacy. 

Enter the ShardSecure platform. Our solution offers data integrity checks, high availability, and self-healing features to mitigate the impact of ransomware attacks and safeguard sensitive information. By reconstructing affected data and automatically migrating it to a safe alternative location, the platform maintains the accuracy and availability of data. ShardSecure offers a way for organizations to meet the rising number of ransomware threats with robust data resilience and confidence.

Moving ahead

We won’t know the fate of the Ransomware and Financial Stability Act until it’s put to a vote, but we do know that ransomware will continue to be a problem for companies large and small. As we navigate the evolving threat of cyberattacks, we’re going to need more proactive collaboration among lawmakers, businesses, and cybersecurity experts than ever before.

That’s one reason why we’re excited to be at RSAC 2024 in a few weeks: It’s a great chance to talk with our colleagues across the industry and make plans for a more resilient and secure cyber landscape.

Planning to be at the conference? Come visit our team — and our key technology partners, including KPMG, BackBlaze, Entrust, Wasabi, and more — at booth #5263 Moscone North. We look forward to sharing more information about our platform and talking about the future of cybersecurity together.