US Senators Urge CISA to Incorporate Rules for Ransomware Reporting

Richard Marley
May 25, 2022
2 minutes read
1074

US senators have urged the CISA to enforce new ransomware reporting rules amid a sharp increase in the attacks targeting various corporations.

According to the report on ransomware issued on May 24, US Senate Homeland Security and Governmental Affairs Committee have urged the Cybersecurity and Infrastructure Security Agency (CISA) to incorporate new rules for ransomware reporting as soon as possible to prevent the rising attacks. The US schools, local government and healthcare facilities have been prime targets of these attacks since 2,323 ransomware attacks have been reported in 2021.

The chairman Gary Peters and his staff conducted interviews with the federal law enforcement and regulatory agencies that assist the ransomware victims. “Each of the interviewees advocated for increased data collection regarding illicit actors’ methods and ransom payments to better understand the ever-evolving landscape of ransomware attacks and illicit uses of cryptocurrency.” as mentioned in the report.

Efforts for a cyber incident reporting bill to be passed and signed into law earlier this year were carried out by Peters, in which organisations have to report data breaches in 72 hours and ransomware payments in 24 hours to CISA. It may take years for the law to be fully incorporated.

The FBI received 3,729 complaints reporting a loss of more than $49.2 million. The Committee repeatedly claimed throughout the report that the legislators are unsure about what policy should be implemented to combat these ransomware attacks due to the lack of data.

A statement issued by the Committee stated “The lack of data on ransomware attacks and cryptocurrency ransom payments blunts the effectiveness of available tools for fighting ransomware attacks including U.S. sanctions, law enforcement efforts, and international partnerships, among other tools.”

The report put forwards the recommendations for the CISA to incorporate a new ransomware payment reporting mandate as quickly as possible and standardize the existing federal law on ransomware incidents to enable comprehensive analysis.

Disclaimer: No warranty is herein provided that the information contained in this document is accurate, up-to-date, and/or complete. In no circumstance(s), does such information constitute legal or any other advice. Any person who intends to use, rely, pass-on, or re-publish the information contained herein in any way is solely responsible for the same. We suggest to verify the information and/or obtain expert advice independently if required.

Latest News

News
Interpol Seizes $130M Worth of Virtual Assets from Cybercriminals Worldwide
The International Criminal Police Organization Interpol has seized $130 million worth of virtual assets that are linked to money laundering operations and different cybercrimes worldwide.

The “HAECHI III” law enforcement operation, which lasted between June 28 and November 23, 2022, enabled INTERPOL to arrest nearly a thousand suspects.

“In total, the operation resulted in the arrest of 975 individuals and allowed investigators to resolve more than 1,600 cases,” reads Interpol’s announcement. “In addition, almost 2,800 bank and virtual-asset accounts linked to the illicit proceeds of online financial crime were blocked.”

The various cybercrimes that contributed to the aforementioned sum include voice phishing, investment fraud, romance scams, sextortion, and money laundering linked to illegitimate online gambling.

Due to the activity, Interpol also produced 95 alerts and diffusions and identified 16 novel crime trends that would enable law enforcement agencies all around the world to concentrate on their efforts against cybercriminals more effectively.

The latest scams include types of financial fraud and romantic scams that criminals are continually improving to maintain novelty.

Additionally, Interpol noticed an increase in the usage of encrypted messaging applications by scammers to communicate with their victims in investment schemes.

Interpol’s statement also highlights the success of its fresh Anti Money Laundering Rapid Response Protocol (ARRP) mechanism, which was first put to the test during the organization’s prior operation, known as “Operation Jackal.”

Scammers had $1,250,000M returned to them due to ARRP, an Irish firm that was the victim of the Business Email Compromise (BEC). This was the total sum that the business lost to the BEC fraudsters, who ARRP assisted in identifying and seizing.

Since the beginning of ARRP’s pilot testing phase in January 2022, the technology has assisted in the recovery of $120M in cybercriminal proceeds.

Suggested Read: Interpol Warns of the Rise in Romance Scams as Valentine’s Day Approaches

Recent Posts

Blog
Customer Risk Assessment - A Landmark Approach to Fight Identity Fraud
Identity theft is the most prominent cybercrime which has raised alarms for global law enforcement authorities. Masterminds behind these scams are targeting all digital platforms, including e-commerce, ride-hailing apps, social media, and online gambling, which has made users vulnerable to risks of financial losses. The severity of identity fraud increases as criminals use stolen data to take over users’ accounts, make fake bank accounts, and carry out illicit financial transactions. The results remain disastrous for the affected persons as they lose their earnings without knowing about it.

The issue’s intensity can be judged by the fact that in the US alone, 42 million citizens became victims of identity theft, costing $52 billion in total losses. While onboarding any digital platform, users are asked to input their confidential details, which are further exploited by fraudsters. In fact, the service provider must secure their users’ information, but most platforms have inadequate screening measures, which ultimately aids bad actors in abusing the system. In such a situation, customer risk assessment is the most feasible approach, which can help businesses identify their users by applying strict checks and verifying their origins.

Identity Theft – A Looming Threat for Digital Businesses

Since the COVID-19 pandemic, the concept of using remote services has picked up the pace, and users prefer to visit digital platforms instead of going to offices. A large number of banks have introduced mobile apps for all types of transactions which has further provided attractive opportunities for criminals to steal someone’s identity, take over their account and transfer money to somewhere else. The majority of service providers have incorporated stringent checks like biometric authentication, two-factor authentication, and many others, but crime is still prevalent and increasing every year. The screening system based on the principles of customer risk assessment could be the most appropriate solution for online businesses as it can track the complete history of the users.

Account takeover is one of the leading issues that is increasing due to identity theft. The criminals use the stolen details of customers to log in to their bank or e-commerce accounts, further carrying out financial transactions. During the pandemic, a huge surge of 307% was witnessed in account takeover cases. Even now, when the effects of COVID-19 have almost diminished, criminals are involved in fraudulent activities in the same way. The Financial Action Task Force (FATF), the leading global organization fighting money laundering, has also suggested that online businesses should go for customer risk screening which is quite an ideal verification process.

How Law Enforcement Authorities are Countering Cybercriminals

Law enforcement authorities across the globe are facing the challenge of identity theft, and with time, criminal cases are increasing. Recently, several cases of identity fraud have been witnessed where cases were registered against criminals. Although countering the bad actors involved in online scams is quite gruesome, implementing customer risk assessment techniques can serve the purpose.

Let’s have a look at some of the high-profile cases of identity fraud:

Gang Members Sentenced to 60 Months in Prison for Identity Theft

The US Department of Justice has sentenced gang members to 60 months in prison who were involved in several online scams, including identity theft and wire fraud. It has been established during the investigation that they had been carrying out fraudulent activities for more than a year and during this time, they managed to steal $300,000 from the users. Court has further mentioned that no group or individual in the US will be allowed to defraud the users through online scams.

Criminals Jailed Over Multi-Million Identity Fraud in Spain

Spanish Police have arrested a gang that was involved in providing fake identities and forged documents to customers. The investigation revealed that criminals were stealing users’ data from different online platforms and further selling it in the black market. Police have stated that it was a multi-million scam, and all the criminals have been sent to jail.

Fighting Identity Fraud Through Customer Risk Assessment

Customer risk assessment is a set of extreme measures which are generally used by businesses to verify the identities of their customers when some new professional relationship is formed. B2B companies are also using customer risk screening methods to authenticate the documents and identities of other businesses before making any contract with them. It is an ideal process for all digital service providers as it provides in-depth knowledge about the other party and makes a record of their information. Customer risk assessment is not only a feasible solution against identity theft but also a valuable tool to counter money laundering.

Although several identity verification services are efficient enough to counter criminals, customer risk assessment is more advanced and modern, providing the best verification options to digital businesses. It involves various security checks, including checking customers’ identity, background, area of origin, business, and criminal record. All these parameters have remained quite productive in countering cybercriminals and helped many organizations comply with global regulations.

How Customer Risk Assessment Screening is Carried Out

Customer risk assessment is a technical process that involves multiple security checks, and users have to pass all of them to avoid being reported to authorities. All these screening measures have been recommended by the FATF, and companies with customer risk assessment models are following them to comply with the global guidelines.

Here are some of the prominent risk factors:

Customer’s Identity

Customer risk screening verifies the true identities while making a thorough background check. Corrupt politicians and business tycoons usually get more chances of laundering money or carrying out other financial crimes, so the system should be efficient enough to track users’ history to get updated knowledge about their economic activities in the past.

Geography

There are few regions in the world that have weak AML and other cyber laws, which ultimately help criminals to carry out crimes without much trouble. FATF has placed a large number of countries on grey or black lists, which means that all such states are vulnerable to financial crimes. The customer risk assessment process verifies the origin of the users and determines how stronger AML regulations are there.

Industry/Business

Some businesses are notorious for corrupt practices, like gold, art & antiquities, and other luxury items. The customer risk screening method verifies the business of the users and makes a thorough investigation in case the customer is involved in some vulnerable business.

What Shufti Pro Offers?

Combating identity fraud is crucial for the digital sector and is the most appropriate time for companies to invest in screening measures. The customer risk assessment is an ideal solution for online service providers which will help them in countering financial criminals.

Shufti Pro is offering customer risk screening solutions which is the perfect solution for online businesses. It will not only help them in ensuring global regulatory compliance but will also secure their users’ identities. Shufti Pro’s Customer Risk Assessment (CRA) verifies the identities of users through the toughest parameters which will never let the criminals onboard the system. It is efficient enough to generate results in seconds with a ~99% accuracy.

Want to know more about customer risk assessment for digital businesses?

Talk to CRA Expert

US Senators Urge CISA to Incorporate Rules for Ransomware Reporting

Identity Theft – A Looming Threat for Digital Businesses

How Law Enforcement Authorities are Countering Cybercriminals

Gang Members Sentenced to 60 Months in Prison for Identity Theft

Criminals Jailed Over Multi-Million Identity Fraud in Spain

Fighting Identity Fraud Through Customer Risk Assessment

How Customer Risk Assessment Screening is Carried Out

Customer’s Identity

Geography

Industry/Business

What Shufti Pro Offers?

Let’s prove your

customer’s identity

with Shuftipro.

Let’s prove your customer’s

identity with Shuftipro.