The Ransomware Task Force (RTF), a team of more than 60 experts from software companies, cybersecurity vendors, government agencies, nonprofits and academic institutions, recently issued a major report focused on strategies to resist, disrupt and develop resilience to the ransomware threat.

The report includes a framework with recommendations organized around four goals: (1) deter ransomware attacks through a comprehensive, nationally and internationally coordinated strategy; (2) disrupt the ransomware business model and reduce criminal profits; (3) help organizations prepare for ransomware attacks; and (4) respond to ransomware attacks more effectively.

The report recommends that the cryptocurrency sector, which enables ransomware crime, should be more closely regulated. The report notes that governments should require cryptocurrency exchanges, crypto kiosks and over-the-counter trading "desks" to comply with existing laws, including Know Your Customer (KYC), Anti-Money Laundering (AML) and Combatting Financing of Terrorism laws. The report's other recommendations include the following:

  • Coordinated, international diplomatic and law enforcement efforts must proactively prioritize ransomware through a comprehensive, resourced strategy, including using a carrot-and-stick approach to direct nation-states away from providing safe havens to ransomware criminals.
  • The United States should lead by example and execute a sustained, aggressive, whole-of-government, intelligence-driven anti-ransomware campaign, coordinated by the White House and including (1) an Interagency Working Group led by the National Security Council in coordination with the nascent National Cyber Director, (2) an internal U.S. Government Joint Ransomware Task Force and (3) a collaborative, private industry-led informal Ransomware Threat Focus Hub.
  • Governments should establish Cyber Response and Recovery Funds to support ransomware response and other cybersecurity activities, mandate that organizations report ransomware payments, and require organizations to consider alternatives before making payments.
  • An internationally coordinated effort should develop a clear, accessible and broadly adopted framework to help organizations prepare for, and respond to, ransomware attacks, including incentives or regulations to drive adoption.
