60 Global Entities form Ransomware Task Force to Fight Back

Saturday, May 1st, 2021 | , ,

More than 60 software companies, government agencies, cybersecurity vendors, financial services companies, nonprofits and academic institutions have joined together to form a coalition to fight back against ransomware attacks. Known as the Ransomware Task Force, it was formed under guidance from the Institute for Security and Technology and includes the US Department of Justice, Europol, and the UK’s National Cybersecurity Centre, as well as Amazon, Cisco, FireEye, Microsoft, and more.

The group released a framework that aims to address the rising Ransomware threat, which comes in the form of an 81 page whitepaper. It was delivered to the Biden Administration earlier this week and contains numerous “to-dos” in battling the Ransomware threat, such as setting up a reporting framework, managing the ransom negotiation-and-payment process, seizing gangs’ crypto-wallets and infrastructure, and going after cryptocurrency exchanges that fail to implement anti-money laundering measures.

In all, it details what the RTF considers to be “a full, comprehensive strategy to stem the ransomware tide – ranging from dealing with the complexities of the ransomware epidemic, to the role of cyber-insurance, cryptocurrency and safe havens for threat actors,” according to Team Cymru, one of the cybersecurity firms signed onto the project.

The most notable aspect of the Framework for many is that it targets the entire criminal ecosystem around ransomware. For instance, part of the plan is to prosecute and disrupt the Dark Web marketplaces where ransomware gangs flog their wares (generally in a ransomware-as-a-service model) and find partners. The plan also calls for disabling hosting services that facilitate ransomware campaigns. And another aspect of the plan is centralizing expertise when it comes to putting the squeeze on cryptocurrency markets and cryptocurrency seizure.

The Framework would also require companies to disclose their ransomware incidents as well as their ransom-payment plans to the U.S. Treasury Department.

Further Reading:

Share this: