Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

It should be illegal to pay a ransom to cyber criminals, every time it happens you’re increasing the incentives for these activities and you’re making it more likely to happen again in the future. If it’s illegal, these groups would feel less attracted to attack companies, because they know they wouldn’t be compensated for it.


Seems obvious to me too, but then again, if we went with coordinating for the obvious common good there wouldn't be a casino industry to extort in the first place.


But what if cyber criminals planted a bomb and are demanding a ransom, and Jack Bauer can't defuse it in time?


What's the end result? Prosecuting the victim of a cybercrime for paying a ransom?


The end result is less cybercrime and thus less victims.

The way you get there is prosecuting the victims of cybercrime for paying a ransom, if any are stupid enough to break the law.


Alternatively, reporting of cyber crime craters or is massively delayed.


Right, because it's so easy to hide an outage of that scale.


You're right that the biggies wouldn't really have that option. I'm sure they're not the only ones that get hit by such attacks, though. Smaller and non-public companies would have to think about it.

I'm not even arguing for a specific policy, but I didn't like how the framing of the post was about being "stupid" enough to break the proposed law. It wouldn't be that simple.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: