A group of about 60 executives from major organizations (including Microsoft, Citrix, Cisco, and Palo Alto Networks) have joined ranks, forming the Ransomware Task Force (RTF). The RTF is working with the Department of Justice to urge policy makers and industry leaders to make combating ransomware a priority. Their full report, Combatting Ransomware, “includes 48 recommendations that together form a comprehensive framework to address ransomware.” The following are the RTF’s most urgent and core recommendations:
- Coordinated, international diplomatic and law enforcement efforts must proactively prioritize ransomware through a comprehensive, resourced strategy, including using a carrot-and-stick approach to direct nation-states away from providing safe havens to ransomware criminals.
- The United States should lead by example and execute a sustained, aggressive, whole of government, intelligence-driven anti-ransomware campaign, coordinated by the White House. This must include the establishment of 1) an Interagency Working Group led by the National Security Council in coordination with the nascent National Cyber Director; 2) an internal U.S. Government Joint Ransomware Task Force; and 3) a collaborative, private industry-led informal Ransomware Threat Focus Hub.
- Governments should establish Cyber Response and Recovery Funds to support ransomware response and other cybersecurity activities; mandate that organizations report ransom payments; and require organizations to consider alternatives before making payments.
- An internationally coordinated effort should develop a clear, accessible, and broadly adopted framework to help organizations prepare for, and respond to, ransomware attacks. In some under-resourced and more critical sectors, incentives (such as fine relief and funding) or regulation may be required to drive adoption.
- The cryptocurrency sector that enables ransomware crime should be more closely regulated. Governments should require cryptocurrency exchanges, crypto kiosks, and over-the-counter (OTC) trading “desks” to comply with existing laws, including Know Your Customer (KYC), Anti-Money Laundering (AML), and Combatting Financing of Terrorism (CFT) laws.
The RTF explains that their goals in creating this framework are: “deter ransomware attacks through a nationally and internationally coordinated, comprehensive strategy; disrupt the ransomware business model and reduce criminal profits; help organizations prepare for ransomware attacks; and respond to ransomware attacks more effectively.”
The RTF put it best by saying, “Ransomware is no longer just a financial crime; it is an urgent national security risk that threatens schools, hospitals, businesses, and governments across the globe.” We are all too familiar with the impact ransomware can have on our organizations, but this is a great first step, out of many, to reduce the threat of ransomware.