Businesses Could Soon Have to Disclose Ransomware Payouts

By

Alex J. Rouhandeh serves as a special correspondent for Newsweek and is currently working toward his Master of Arts within the politics concentration at Columbia University's Graduate School of Journalism where he serves as the school's student representative in the University Senate and the Student Leadership Advisory Council of the Columbia Alumni Association.

Previously, he served as Newsweek's congressional correspondent, reporting from Capitol Hill and the campaign trail. Over his tenure with Newsweek, Alex has covered the speakership of Mike Johnson, the ouster of former Speaker Kevin McCarthy, the midterm elections of 2022, the Russo-Ukrainian War, and other key congressional stories of the Biden presidency.

Alex additionally provides coverage of Newsweek ownership and has produced investigative reporting on legal troubles facing the Olivet Assembly, a religious entity to which Newsweek's two owners formerly held ties.

Prior to covering Congress, Alex reported on matters of U.S. national security, holding press credentials for both the U.S. Capitol and the Department of Defense. Before joining Newsweek, Alex wrote for The American Prospect, Vice News, WDIV-TV NBC Local 4 News in Detroit, and other regional outlets.

His entry into the media industry began at Syracuse University where he majored in magazine journalism and produced award-winning coverage of the U.S.-Mexico border. At Syracuse, Alex also completed majors in policy studies as well as citizenship & civic engagement and was recognized as a Remembrance Scholar, one of the university's highest honors.

Alex was selected by the National Press Foundation to serve as a Paul Miller Washington Reporting fellow in 2024. He holds memberships with the National Press Club in Washington, D.C., the Society of Professional Journalists (SPJ), and the Investigative Reporters & Editors (IRE) organization.

Contact Alex with tips and feedback at a.rouhandeh@newsweek.com, and stay updated on his reporting by following him on social media at @AlexRouhandeh.

Writers Page
Special Correspondent
Trust Project Icon Newsweek Is A Trust Project Member

🎙️ Voice is AI-generated. Inconsistencies may occur.

Senator Elizabeth Warren of Massachusetts and Representative Deborah Ross of North Carolina announced today in a press release the introduction of the Ransom Disclosure Act that would require businesses who fall victim to ransomware attacks to disclose information regarding payments.

Under this law, victims of attacks would be required to report information regarding the amount paid, the currency of payment and any information on the entity demanding the ransom to the Department of Homeland Security (DHS) within 48 hours of payment.

Through the passage of this bill, Warren and Ross said that DHS will receive data on ransomware payments that will bolster their understanding of how cybercriminal enterprises operate.

"Ransomware attacks are skyrocketing, yet we lack critical data to go after cybercriminals," Warren said in the release. "My bill with Congresswoman Ross would set disclosure requirements when ransoms are paid and allow us to learn how much money cybercriminals are siphoning from American entities to finance criminal enterprises—and help us go after them."

Hackers : Illustration
The Ransom Disclosure Act requires victims of cybersecurity hacks to tell the DHS information about ransom payments. Above, a hacker with an Anonymous mask on his face and a hood on his head uses a... Photo by Chesnot/Getty Images

According to data gathered by the cybersecurity firm SonicWall included in the press release, ransomware attacks jumped by 62 percent worldwide and 158 percent in North America between 2019 and 2020. The FBI received roughly 2,500 ransomware complaints in 2020, up 20 percent from the total recorded in 2019.

The scope and frequency of these attacks has a detrimental effect on these companies and the larger American economy. Not only can attacks shut down agencies providing critical services, but in 2020, these attacks resulted in a loss of over $29 million, according to the SonicWall report.

While the bill's primary focus centers around requiring victims to report ransom payments to DHS, it also would implement three other requirements.

DHS would have to make public the information it gathers on attacks, excluding identifying information of the entities involved. It would also require DHS through which victims can report payment of ransoms. And third, it would direct the DHS secretary to conduct a study on commonalities between attacks and looking at the role of cryptocurrencies within them.

"Unfortunately, because victims are not required to report attacks or payments to federal authorities, we lack the critical data necessary to understand these cybercriminal enterprises and counter these intrusions," Ross said. "The U.S. cannot continue to fight ransomware attacks with one hand tied behind our back. The data that this legislation provides will ensure both the federal government and private sector are equipped to combat the threats that cybercriminals pose to our nation."

Request Reprint & Licensing Submit Correction View Editorial & AI Guidelines

Top stories

About the writer

Alex J. Rouhandeh serves as a special correspondent for Newsweek and is currently working toward his Master of Arts within the politics concentration at Columbia University's Graduate School of Journalism where he serves as the school's student representative in the University Senate and the Student Leadership Advisory Council of the Columbia Alumni Association.

Previously, he served as Newsweek's congressional correspondent, reporting from Capitol Hill and the campaign trail. Over his tenure with Newsweek, Alex has covered the speakership of Mike Johnson, the ouster of former Speaker Kevin McCarthy, the midterm elections of 2022, the Russo-Ukrainian War, and other key congressional stories of the Biden presidency.

Alex additionally provides coverage of Newsweek ownership and has produced investigative reporting on legal troubles facing the Olivet Assembly, a religious entity to which Newsweek's two owners formerly held ties.

Prior to covering Congress, Alex reported on matters of U.S. national security, holding press credentials for both the U.S. Capitol and the Department of Defense. Before joining Newsweek, Alex wrote for The American Prospect, Vice News, WDIV-TV NBC Local 4 News in Detroit, and other regional outlets.

His entry into the media industry began at Syracuse University where he majored in magazine journalism and produced award-winning coverage of the U.S.-Mexico border. At Syracuse, Alex also completed majors in policy studies as well as citizenship & civic engagement and was recognized as a Remembrance Scholar, one of the university's highest honors.

Alex was selected by the National Press Foundation to serve as a Paul Miller Washington Reporting fellow in 2024. He holds memberships with the National Press Club in Washington, D.C., the Society of Professional Journalists (SPJ), and the Investigative Reporters & Editors (IRE) organization.

Contact Alex with tips and feedback at a.rouhandeh@newsweek.com, and stay updated on his reporting by following him on social media at @AlexRouhandeh.

Writers Page

Alex J. Rouhandeh serves as a special correspondent for Newsweek and is currently working toward his Master of Arts within ... Read more