Hacker News
by kiadimoondi 1843 days ago
Would a nationalized bug bounty program help here? Along with some compliance enforcement that the bounty is actually addressed, fulfilled, and paid by the vulnerable entity or the government (funded through some form of corporate tax). I haven't really thought out the details, but likely some kind of practical and effective threshold exists where a business entity in the US enters into mandatory participation.

Genuinely curious, would love to see others' thoughts.

2 comments

> Would a nationalized bug bounty program help here?

A nationalized ransomware team would.

I'm serious. Just like how the NSA said "we can't beat 'em so we'll join 'em" and started buying zero-days with both fists. If, back in the 1990s, you had tried telling people this would happen, you would have been shouted down by everyone in the room. But it did happen.

If you get owned by Team Fed you get a phone number. You call the phone number, get informed that you got hacked, and get the decryption key immediately. The ransom is added to your company's next annual tax filing. Ransom levels are slowly jacked up until morale^H^H^H security improves.

Insiders can then defraud it without harming their own company much. Find bug, tell your "friend", friend reports it, money comes from communal pool.