The Ransom Disclosure Act would provide critical ransomware data to the Department of Homeland Security (DHS), which would then use this input to study how cybercriminals operate, Warren's office said Tuesday.
The bill would require ransomware-affected organizations to disclose information about attacks and resulting payments within two days after the incident.
DHS would publicly release this information from the previous year without identifying victims and create a website where the public can voluntarily report ransom payments.
The legislation would also task the secretary of homeland security to conduct research on common traits between ransomware attacks and the involvement of cryptocurrency in these cases.
“My bill with Congresswoman Ross would set disclosure requirements when ransoms are paid and allow us to learn how much money cybercriminals are siphoning from American entities to finance criminal enterprises — and help us go after them," Warren said.