Jenny Blessing*, Jules Drean*, and Sarah Radway*
Edited by Patrick Whartenby and Kevin McDermott
Article | Aug. 29 2022
*Email: jenny.blessing@cl.cam.ac.uk
DOI: 10.38105/spr.iyuyqypkzm
Highlights
- There are few existing regulations and standards governing ransomware at the federal and state levels.
- Private sector self-regulation is insufficient, as organizations often lack the economic incentive and resources to maintain security standards recommended by federal agencies.
- The proliferation of ransomware is heavily enabled by cryptocurrencies. Thus, any regulation of cryptocurrency exchanges or payments will have a substantial impact on ransomware spread.
Article Summary
Open Access

This MIT Science Policy Review article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made. The images or other third party material in this article are included in the article’s Creative Commons license, unless indicated otherwise in a credit line to the material. If material is not included in the article’s Creative Commons license and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this license, visit http://creativecommons.org/licenses/ by/4.0/.
Jenny Blessing
Department of Computer Science and Technology, University of Cambridge
Jules Drean
Department of Electrical Engineering and Computer Science, Massachusetts Institute of Technology
Sarah Radway
Department of Computer Science, Fletcher School of Law and Diplomacy, Tufts University