Senate Bill to Classify Ransomware Extortion as Terrorism
The U.S. Senate has proposed designating extortion in ransomware attacks as equivalent to terrorism, potentially marking a turning point in the fight against cybercrime.
The bill, endorsed by Senate Intelligence Committee Chairman Mark Warner, seeks to classify extortionist groups as “hostile foreign cyber actors” and labels states harboring such groups as “state sponsors of ransomware,” thereby imposing sanctions on these nations. The bill also grants U.S. intelligence agencies greater authority to combat these criminals, elevating extortion to a priority national threat.
This legislation would be the first in the U.S. to directly link extortion to terrorism. Experts view the bill as an official acknowledgment of the economic damage extortion inflicts on the U.S. and its allies.
However, some experts doubt that the new law will significantly alter the situation. They argue that many countries already under severe sanctions are unlikely to change their behavior due to new measures. Additionally, extortionist groups frequently change names and structures, complicating identification and prosecution, as evidenced by the Conti group post-dissolution.
Supporters of the law believe it sends a crucial signal of the U.S.’s serious intent to combat cybercrime. The call to label extortionist groups as “hostile foreign cyber actors” may be seen as a warning that U.S. intelligence will actively pursue these groups, particularly those targeting critical infrastructure such as hospitals.
The bill also includes measures against countries that support extortion schemes by providing safe haven to criminals. The U.S. President would be authorized to impose sanctions on these nations, akin to those on state sponsors of terrorism. Furthermore, the Secretary of the Treasury is tasked with submitting a report to Congress on the number and geographical location of individuals, groups, and organizations involved in extortion and subject to sanctions.
