About | HeinOnline Law Journal Library | HeinOnline Law Journal Library | HeinOnline
LOG IN
LOG IN

55 Vand. J. Transnat'l L. 1177 (2022)
The Law and Politics of Ransomware

handle is hein.journals/vantl55 and id is 1223 raw text is: The Law and Politics of Ransomware Asaf Lubin* ABSTRACT What do Lady Gaga, the Royal Zoological Society of Scotland, the city of Valdez in Alaska, and the court system of the Brazilian state of Rio Grande do Sul all have in common? They have all been victims of ransomware attacks, which are growing both in number and severity. In 2016, hackers perpetrated roughly four thousand ransomware attacks a day worldwide, a figure which was already alarming. By 2020, however, ransomware attacks reached a staggering number, between twenty thousand and thirty thousand per day in the United States alone. That is a ransomware attack every eleven seconds, each of which cost victims on average nineteen days of network downtime and a payout of over $230,000. In 2021 global costs associated with ransomware recovery exceeded $20 billion. This Article offers an account of the regulatory challenges associated with ransomware prevention. Situated within the broader literature on underenforcement, the Article explores the core causes for the limited criminalization, prosecution, and international cooperation that have exacerbated this wicked cybersecurity problem. In particular, the Article examines the forensic, managerial, jurisdictional, informational, and resource allocation challenges that have plagued the fight against digital extortions in the global commons. To address these challenges, the Article makes the case for the international criminalization of ransomware. Relying on existing international regimes-namely, the 1979 Hostage Taking Convention, the 2000 Convention Against Transnational Crime, and the customary prohibition against the harboring of terrorists-the Article makes the claim that most ransomware attacks are already criminalized under Dr. Asaf Lubin is an Associate Professor of Law at Indiana University Maurer School of Law, Fellow at IU's Center for Applied Cybersecurity Research, Faculty Associate at the Berkman Klein Center for Internet and Society at Harvard University, Affiliated Fellow at the Information Society Project at Yale Law School, and a Visiting Scholar at the Federmann Cyber Security Center at Hebrew University of Jerusalem. This work was supported by funding from the Federmann Cyber Security Center in conjunction with the Israeli National Cyber Directorate. The work benefited from the excellent comments of participants at workshops and events organized by the University of Geneva, New York University, the U.S. Secret Service Cyber Policy, Strategy and Outreach Division, the Information Society Project at Yale Law School, Third Way, The Berkman Klein Center for Internet and Society at Harvard University, the Israeli National Cyber Directorate, Chicagoland Junior Scholars Workshop, and the Federmann Cybersecurity Center at Hebrew University. 1177

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.



Short-term subscription options include 24 hours, 48 hours, or 1 week to HeinOnline.

Purchase Access

Contact us for annual subscription options:

Contact Us

Already a HeinOnline Subscriber?

Log In

profiles profiles most