Enlarge image
Blackmail message from a fictitious encryption Trojan
Photo: Lino Mirgeler / dpa
In a public appeal to federal politicians, a group of 22 renowned IT security researchers are working to prevent ransom payments after attacks with so-called ransomware, i.e. blackmail software.
Blackmail Trojans have grown into a serious and lasting threat to the German and European economy in recent years, according to the letter published by the scientists on the Github programming platform.
The signatories to the letter quote a study by the industry association Bitkom, which puts the "damage caused by data theft, espionage and sabotage for the German economy alone at 223 billion euros annually".
Because of the high level of damage, the willingness of companies to pay a ransom has recently increased significantly.
So-called "cyber insurance" that protects against such damage would mean that ransom payments "can be planned quite easily in the annual budget".
"However, ransom payments are the root of all evil with ransomware." Ransomware has been "a highly organized crime for years".
The willingness of companies to make ransom payments has "developed into a massive geostrategic risk for Germany" that is strengthening Germany's geopolitical competitors.
"If victims of ransomware didn't pay the ransom demanded, this business model would be nipped in the bud."
Researchers call for mandatory reporting
Specifically, the researchers are working to ensure that companies can no longer deduct the ransom payments from their taxes.
They are also demanding that companies over a certain size be required to report ransomware attacks and ransom payments.
Insurance companies that secure ransom payments should be stopped.
Instead, insurance should be promoted to cover the loss of sales and recovery measures caused.
»Since insurers are increasingly demanding strong security measures from policyholders, there is an opportunity here to significantly increase IT security across the board without having to take further regulatory measures.«
If a company finds itself in financial distress as a result of ransomware attacks, it should be helped “in an appropriate manner”, for example through a relief fund, so that they are not forced to pay ransoms.
"However, the support should be subject to conditions that ensure that the victims do not neglect their duty to protect themselves."
mak/dpa
/cloudfront-eu-central-1.images.arcpublishing.com/prisa/H6SX4JB4HJIOMBO3FUP6IGGLUI.jpg)
/cloudfront-eu-central-1.images.arcpublishing.com/prisa/JLX4IXAS25BVBICTHHWJ3AT5IY.jpg)