Cybersecurity, Privacy, & AI


Ethical, Legal Implications of Paying Ransoms


In an opinion piece for National Defense, Phyllis Sumner and Jillian Simons of King & Spalding write about the growing threat of ransomware and urge companies to “make strategic and risk-based decisions on whether to engage with threat actors and/or pay the ransom.” They stress the need for an incident response plan and recommend steps to take whether or not a company has a “no pay” policy. They present a number of arguments for not paying, however, including the reputation the company may acquire as a lucrative target, the ethical ramifications of “supporting” the activity and the criminal and terrorist organizations behind it, the FBI’s advocacy against paying ransoms, and the potential to run afoul of the Office of Foreign Assets Control’s international sanctions.
