48 recommendations for a global fight against ransomware
The Institute for Security and Technology’s Ransomware Task Force (RTF) has released a comprehensive strategic framework to help worldwide organizations fight against ransomware and will be delivering it to the U.S. President’s team.
The 81-page report includes an overview of the ransomware threat, its impact, how cyber insurance and the rise of cryptocurrencies influenced its proliferation, the current situation regarding threat actors that use the malware (and how), and existing efforts to mitigate these attacks.
More importantly, the report lays out recommendations for coordinated global action to tackle this threat to critical infrastructure, public health, education institutions, and the economy, society and national security in general.
The framework
“Ransomware has become too large of a threat for any one entity to address; the scale and magnitude of this challenge urgently demands coordinated global action,” the RTF noted.
“This strategic framework aims to help policymakers and industry leaders take system-level action – through potential legislation, funding new programs, or launching new industry-level collaborations – that will help the international community build resistance, disrupt the ransomware building model, and develop resilience to the ransomware threat.”
Compiled by 60+ volunteer experts from top tech and cyber security companies, government agencies, law enforcement, civil society groups, cybersecurity insurers and international organizations, the report spells out 48 recommendations, organized around four goals:
“These goals are interlocking and mutually reinforcing,” the RTF says, and notes that “the framework should be considered as a whole, not merely a laundry list of potential disparate actions.” It adds that agencies and organizations in other nations should “adapt the recommendations to their own context, and work across borders to coordinate and tackle what is truly a global challenge.”
Recommendations: Fight against ransomware
The report recommends actions such as:
- Establishing an international coalition to combat ransomware criminals
- Creating a global network of ransomware investigation hubs
- Conducting a sustained, aggressive, public-private collaborative anti-ransomware campaign
- Exerting pressure on nations that are complicit or refuse to take action
- Developing new levers for voluntary sharing of cryptocurrency payment indicators
- Establishing an insurance-sector consortium to share ransomware loss data and accelerate best practices around insurance underwriting and risk management
- Developing a clear, actionable framework for ransomware mitigation, response, and recovery
- Updating cyber-hygiene regulations and standards
- Creating a Ransomware Response Fund to support victims in refusing to make ransomware payments
The RTF estimated a time frame for the implementation of each action, and spelled out which organizations should take the lead on carrying them out.
The RTF could not agree on whether or not ransom payments should be prohibited, because there are valid arguments for each position.
“The imperative could not be more clear; it’s time to increase prioritization of action and limit the damage inflicted by these attacks,” said Philip Reiner, Executive Director of the RTF and IST CEO.
“In the past 12 months alone, we’ve seen ransomware attacks delay lifesaving medical treatment, destabilize critical infrastructure, and put our national security at risk. We felt an urgent need to bring together world-class experts across sectors to create a framework that government and industry can pursue to disrupt the ransomware business model and mitigate the impact of attacks.”