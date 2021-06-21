Public exposure of such data can lead to lawsuits or lost investor confidence, which makes it manna for criminals. One ransomware gang seeking to extort a major U.S. corporation published a nude photo of the chief executive's adult son on its leak site last week.

Rep. Carolyn Maloney, chair of the House Committee on Oversight and Reform, has asked in written requests to know more about the JBS and Colonial cases as well as CNA Insurance. Bloomberg News reported that CNA Insurance surrendered $40 million to ransomware criminals in March. The New York Democrat said “Congress needs to take a hard look at how to break this vicious cycle.”

Recognizing a lack of support for a ransom ban, Senate Intelligence Committee Chairman Mark Warner, D-Va., and other lawmakers want at least to compel greater transparency from ransomware victims, who often don't report attacks.

They are drafting a bill to make the reporting of breaches and ransom payments mandatory. They would need to be reported within 24 hours of detection, with the executive branch deciding on a case-by-case basis whether to make the information public.

But that won’t protect unprepared victims from potentially going bankrupt if they don’t pay. For that, various proposals have been put forward to provide financial assistance.

The Senate this month approved legislation that would establish a special cyber response and recovery fund to provide direct support to the most vulnerable private and public organizations hit by major cyberattacks and breaches.

