{"id":55014,"date":"2024-01-04T11:45:14","date_gmt":"2024-01-04T11:45:14","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\/"},"modified":"2024-01-04T11:45:14","modified_gmt":"2024-01-04T11:45:14","slug":"as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\/","title":{"rendered":"As lawmakers mull outlawing poor security, what can they really do to tackle online gangs?"},"content":{"rendered":"<p><span class=\"label\">Comment<\/span> In some ways, the ransomware landscape in 2023 remained unchanged from the way it looked in previous years. Vendor reports continue to show a rise in attacks, major organizations are still getting hit, and the inherent issues that enable it as a business model remain unaddressed.<\/p>\n<p>Yet what 2023 may be remembered for is how law enforcement (LE) bookended it with a showing of progress and intolerance, making good on promises to bring down gangs that were once showpieces for the cybercriminal world.<\/p>\n<div class=\"promo_article\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/regmedia.co.uk\/2023\/11\/17\/leonardo_ai_lawyers_with_laptop.jpg?x=174&amp;amp;y=115&amp;amp;crop=1\" width=\"174\" height=\"115\" alt=\"Lawyers with laptop\"><\/p>\n<h2 title=\"When users decline to answer 'have you tried turning it on?' surely no judge would fail to convict?\">Lawyer guilty of arrogance after ignoring tech support<\/h2>\n<p><a href=\"https:\/\/www.theregister.com\/2023\/11\/17\/on_call\/\"><span>READ MORE<\/span><\/a><\/div>\n<p>The <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2023\/10\/19\/europol_knocks_ragnarlocker_offline\/\" rel=\"noopener\">demise of RagnarLocker<\/a> and Qakbot followed that of Hive at the start of the year, and partial success was enjoyed in the attempts to <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2023\/12\/19\/blackcat_domain_seizure\/\" rel=\"noopener\">end AlphV\/BlackCat<\/a> in December. While the latter still lives on and has continued to breach victims, LE was able to release a decryptor for hundreds of previous cases, and that alone shouldn&#8217;t detract from what has been a huge year for counter-ransomware ops.<\/p>\n<p>AlphV\/BlackCat might have squirmed their way out of authorities&#8217; clutches for now, but the action from national security agencies this year has given the industry reasons to be cheerful after a barren year for good news on this front.<\/p>\n<p>2022 saw a rare drop in ransomware attacks but it was short-lived and still plagued by major incidents, even if there weren&#8217;t quite as many of them. LE also failed to register a single significant bust, with the previous one being REvil&#8217;s shuttering in late 2021.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZZ0CUCxl4XcI82zwVj02CAAAAgA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZZ0CUCxl4XcI82zwVj02CAAAAgA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Conti died off, but only its brand. And LE had no hand in the matter. The group ravaged organizations and governments for years before splitting off into smaller cells.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZZ0CUCxl4XcI82zwVj02CAAAAgA&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZZ0CUCxl4XcI82zwVj02CAAAAgA&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZZ0CUCxl4XcI82zwVj02CAAAAgA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZZ0CUCxl4XcI82zwVj02CAAAAgA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>Indeed, 2023 was something of a statement sent by authorities. For years, various agencies repeated renditions of &#8216;ransomware can no longer be tolerated&#8217;, but the disruptions from the past 12 months feel like genuine steps in the right direction.<\/p>\n<p>However, there are still missing pieces of the puzzle, and the lack of arrests remains a concern. Dismantling an operation is no mean feat and should be commended, however, in the grand scheme of things, it stops essentially nothing if the criminals continue to run free.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZZ0CUCxl4XcI82zwVj02CAAAAgA&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZZ0CUCxl4XcI82zwVj02CAAAAgA&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>The need for robust intervention here is undeniable. LE&#8217;s takedowns are impactful but not preventative. The industry needs governments to insert themselves into the crisis and take decisive action to stop ransomware from becoming even more out of hand than it already is.<\/p>\n<p>Take AlphV\/BlackCat, for example. It was arguably the scummiest of all the ransomware groups in 2023. In the space of 12 months, its leaders \u2013 believed to be based in Russia \u2013 signed off on some of the worst acts ever seen in ransomware, including the <a href=\"https:\/\/www.theregister.com\/2023\/03\/15\/cancer_lvhn_sues_hospital\/\">leaking of breast cancer patients&#8217; nudes<\/a>. Despite being known for freely targeting hospitals, charities, schools, and other similarly sensitive targets, the attack on Lehigh Valley Health Network was a new low.<\/p>\n<p>The crew also continued to push the boundaries of extortion, even going so far as to weaponize the Securities and Exchange Commission (SEC). In November it allegedly <a href=\"https:\/\/www.theregister.com\/2023\/11\/16\/clorox_ciso_washes_out\/\">filed a regulatory complaint<\/a> over a target&#8217;s failure to report a breach within the mandated four-day window. It then repeated the trick in December. Both were brazen attempts to hurry along ransom payment negotiations. No wonder the feds tore it down.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZZ0CUCxl4XcI82zwVj02CAAAAgA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZZ0CUCxl4XcI82zwVj02CAAAAgA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>If the authorities are serious about disrupting ransomware for good, and ensuring criminals like those behind the worst operations are left without a job, then the approach must change. If takedowns alone aren&#8217;t working, and they <em>aren&#8217;t<\/em> working, other solutions are required.&nbsp;<\/p>\n<p>Governments will have crucial roles in the fight against ransomware. Industry will no doubt pray that 2024 will be the year in which state influence finally exerts itself into cybercrime in the way it needs to. Introducing impactful legislation, however, will be far from straightforward.<\/p>\n<h3 class=\"crosshead\">Step up, lawmakers<\/h3>\n<p>It goes without saying that the private sector must do better while it waits for higher powers to enact the required change. Building better, more secure products will ease the burden of applying the countless patches released every month \u2013 a relentless function of security gigs that shouldn&#8217;t be as disruptive as it is.<\/p>\n<p>Law enforcement is doing a solid job at disrupting ransomware within its powers, and cybersecurity awareness in organizations is increasing gradually to mitigate the threat. The next step in the fight against ransomware, however, must come from the legislature. 2024 can and should be the year that&#8217;s remembered not just for the biggest takedowns, but for the impactful policy decisions that help quell the threat for good.<\/p>\n<p>That said, there aren&#8217;t any perfect solutions here. There are a few schools of thought when it comes to combating ransomware through legislation, the most prominent of which is to ban ransom payments entirely, both from the public and private sectors.<\/p>\n<p>Politicians have wrestled with implementing a ransom ban for years, but have taken no serious steps to introduce one. The closest we&#8217;ve come on a global scale is with the International Counter Ransomware Initiative&#8217;s (CRI) <a href=\"https:\/\/www.theregister.com\/2023\/10\/31\/us_ransomware_payment_ban\/\">pledge<\/a> to refuse ransom payments, but without any private sector implications, it means fairly little.<\/p>\n<p>Despite it being a solution that would almost certainly deliver the desired outcome in the long term, the short-term consequences of banning ransom payments would likely be dire. The organizations hit with ransomware in the first months, years, or however long it takes for ransomware gangs to abandon their craft, after such a law&#8217;s enactment will have their futures jeopardized. There is also the genuine possibility that the hard work infosec has done to promote a culture of transparency is wholly undone. Attacks could once again be hidden from the public and authorities, and payments continue to flow, but more quietly.<\/p>\n<p>Another approach is to outlaw poor security practices. The idea is that organizations which leave themselves open to targeting by cybercriminals ensure there are always individuals willing to exploit them, perpetuating the issue.<\/p>\n<p>Neither this approach, nor one that involves a ban on payments, is actually ideal or even productive when we consider potential victims like hospitals. These types of underfunded institutions that provide critical services cannot afford any downtime, let alone a SOC staffed with world-class talent. When they get hit, the only priority is to get systems back online so people don&#8217;t die. Do we punish the overstretched hospital IT teams here?<\/p>\n<p>An area to explore further is placing greater responsibilities on organizations involved in the trading of cryptocurrencies to disrupt the flow of funds to known cybercrime rings. It&#8217;s one of the intentions of the CRI and can already be seen in action today.&nbsp;<\/p>\n<p>The UK&#8217;s Financial Conduct Authority (FCA), for example, already has the power to audit crypto firms, like exchanges, for anti-money laundering (AML) and terrorist procedures. Part of the CRI&#8217;s pledge is to also implement the Financial Action Task Force (FATF)&#8217;s Recommendation 15, which essentially stipulates that similar checks should be carried out at the government level across all 50 of its members.<\/p>\n<p>However, given that I&#8217;ve been requesting briefings with the FCA to discuss this very matter, and its plans to stem the flow of illicit funds, for months now, only for it to ignore every contact, I have little confidence this is considered a priority at the regulatory level.<\/p>\n<p>Ensuring the legislative approach that&#8217;s taken is both effective and doesn&#8217;t threaten the futures of organizations is going to be a difficult task. What&#8217;s incontrovertible though is that legislation is required in some capacity.<\/p>\n<p>What we have seen in the past year though is Western governments&#8217; willingness to keep fighting and refusal to back down against the threat. The concrete action of LE in 2023 not only delivers admirable disruption to cybercrime but serves as a constant reminder that ransomware will never be accepted, even though it has become somewhat normalized.<\/p>\n<p>It&#8217;s a precarious road ahead but here&#8217;s hoping 2024 builds on the progress of 2023. \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2024\/01\/04\/feds_stole_the_ransomware_limelight\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Headline-grabbing takedowns are nice, but long-term solutions require short-term sacrifices Comment\u00a0 In some ways, the ransomware landscape in 2023 remained unchanged from the way it looked in previous years. Vendor reports continue to show a rise in attacks, major organizations are still getting hit, and the inherent issues that enable it as a business model remain unaddressed.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":55015,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-55014","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>As lawmakers mull outlawing poor security, what can they really do to tackle online gangs? 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"As lawmakers mull outlawing poor security, what can they really do to tackle online gangs? 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2024-01-04T11:45:14+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/regmedia.co.uk\/2023\/11\/17\/leonardo_ai_lawyers_with_laptop.jpg?x=174&amp;amp;y=115&amp;amp;crop=1\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"As lawmakers mull outlawing poor security, what can they really do to tackle online gangs?\",\"datePublished\":\"2024-01-04T11:45:14+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\\\/\"},\"wordCount\":1344,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/01\\\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs.jpg\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\\\/\",\"name\":\"As lawmakers mull outlawing poor security, what can they really do to tackle online gangs? 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/01\\\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs.jpg\",\"datePublished\":\"2024-01-04T11:45:14+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/01\\\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/01\\\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs.jpg\",\"width\":174,\"height\":115},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"As lawmakers mull outlawing poor security, what can they really do to tackle online gangs?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"As lawmakers mull outlawing poor security, what can they really do to tackle online gangs? 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\/","og_locale":"en_US","og_type":"article","og_title":"As lawmakers mull outlawing poor security, what can they really do to tackle online gangs? 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2024-01-04T11:45:14+00:00","og_image":[{"url":"https:\/\/regmedia.co.uk\/2023\/11\/17\/leonardo_ai_lawyers_with_laptop.jpg?x=174&amp;amp;y=115&amp;amp;crop=1","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"As lawmakers mull outlawing poor security, what can they really do to tackle online gangs?","datePublished":"2024-01-04T11:45:14+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\/"},"wordCount":1344,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/01\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs.jpg","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\/","url":"https:\/\/www.threatshub.org\/blog\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\/","name":"As lawmakers mull outlawing poor security, what can they really do to tackle online gangs? 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/01\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs.jpg","datePublished":"2024-01-04T11:45:14+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/01\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/01\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs.jpg","width":174,"height":115},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/as-lawmakers-mull-outlawing-poor-security-what-can-they-really-do-to-tackle-online-gangs\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"As lawmakers mull outlawing poor security, what can they really do to tackle online gangs?"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/55014","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=55014"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/55014\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/55015"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=55014"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=55014"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=55014"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}