How to stop ransomware

Cons:

• Making it illegal is criminalizing the victim.
• In some cases, paying the ransom is the only hope the victim has of getting their data back. And there can be incidents when lives depend on data.
• It's difficult to enforce any ad-hoc laws because it's problematic to prove that money was ever paid out.
• Victims' sole goal is to just recover their files rather than support criminals.

Other proposals on stopping ransomware:

1. All ransomware incidents should be reported to the Internet crime complaint institutions for further investigation. Ransomware attacks are growing, having all the official stats, crime complaint institutions may also facilitate the introduction of proper legislation to address the extortion vector of cybercrime.
2. Extradition agreements should be expanded and more countries involved. Since the criminal rings behind most ransomware scams operate from Russia and a number of other Eastern European countries, they stay on the loose due to imperfections of local law enforcement. The fear of being apprehended for cyber felony and handed over to the jurisdiction of another state should make the scoundrels think twice before pulling off another attack.
3. ISO standards could be toughened in terms of cybersecurity training and backup implementation. Offsite backups can significantly mitigate the damage from ransomware assaults. Furthermore, most of these Trojans propagate via social engineering based on malicious email attachments, therefore, personnel training on some typical malware injection scenarios should reduce the overall ransomware success rate.
4. Digital money exchange companies should be certified and transparent. Crypto malware operators cover their tracks by taking advantage of Bitcoin system's anonymity. Allowing law enforcement to monitor ransomware-related payments could help find and arrest the extortionists. On the other hand, anonymity is Bitcoin's main virtue for law-abiding people, so this is still a very controversial issue.
5. Put the most important information on paper. Any electronic data is vulnerable. Paper worked for centuries and can help in many cases. You cannot steal twenty million records without several trucks.

If the proposal to criminalize ransom payments is taken, the law should be equal for all. For instance, police departments should not pay either, which is not the case at this point. Surveillance authorities collecting our data should be punished the most. They mine immense amounts of citizens' data, and they insist they need more of it but fail to keep it appropriately while facing no real accountability.

Policymakers should adapt to the present-day cybercrime realm. The security industry and law enforcement proved to be completely helpless in face of ransomware. Not only have authorities failed to stop this threat, but ransomware just grows exponentially. At this point, there are hardly any obstacles to the progress of file-encrypting malware.