The United States government has been wrestling with what to do about a particular type of cyber threat—ransomware—that holds a victim's data and computer systems hostage until they pay, usually in the form of cryptocurrency, to an anonymous recipient. Recent ransomware attacks have threatened everything from hospitals to the media industry, with payment being the main way that most companies are choosing to get back online. But what does giving into such demands mean for broader U.S. efforts to prevent and deter ransomware attacks? Scott R. Anderson sat down on Lawfare Live with Lawfare editor-in-chief Benjamin Wittes and Lawfare fellow in cybersecurity law Alvaro Marañon, who together recently authored a piece for Lawfare entitled, “Ransomware Payments and the Law.” They argue that stemming the flow of payments is essential to deterring ransomware attacks and argue that the United States should adopt a policy banning such payments in all but the most serious cases. They discussed the threat that ransomware poses to the U.S. economy, how payments should be dealt with, and what Congress and the Biden administration seem to be doing about it.