The Dutch Ministry of Justice and Security is considering a ban on paying ransoms if a business is shut down due to a ransomware attack.
The discussed limitation would only affect insured businesses according to the report, where reimbursing ransom payments by insurance companies will be prohibited, the NOS reports.
The Dutch Association of Insurers expressed some concerns over the reports as being unable to pay can have major consequences for companies — “sometimes they have no other choice,” says security expert Frank Groenewegen of Deloitte Cyber.
In many ransomware attacks, a locking software is launched against a company or a business where they will lose access to their files, and sometimes backup files, with a threat to make their customers’ and/or employees’ data public unless a payment is made for the attacker. 🔓
While sources confirmed to the NOS that the ministry is exploring different ways to reduce ransom payments, it seems unclear why the current focus is only tackling insurer payments since not all companies are insured against ransomware.🤔
In this countermove against the increasing threat of ransomware attacks, Minister Ferdinand Grapperhaus said he would prefer not to see insurers pay a ransom.
On the danger of companies paying a ransom, it is essentially seen as an ecosystem where “the payments keep the criminal ecosystem going,” says Chief Public Prosecutor Michiel Zwinkels.
What do you think of the government’s take on ransomware? Tell us more in the comments below!
Feature Image: AndreyPopov/Depositphotos