Approaching Ransomware with a Fresh Perspective
The Ransomware Task Force
I am honored to represent Team Cymru on the Ransomware Task Force (RTF). The Ransomware Task Force is a collection of security and policy experts spanning several countries, organized by the Institute for Security Technology and led by my friend, Phil Reiner. The motivation is simple: we aren’t OK with ransomware ransacking innocent victims. We want to avoid a future that seems all too likely, one where ransomware become a more prevalent threat to human lives, not just a company’s wallet.
This task force is different than most. Many community efforts tend to form out of a clear and present need to address a concise threat. Ransomware is different. It is an entire class of threats. Simple programs to develop that become potent threats — simple to deliver malware that tend to use many distribution models. Yet the simplicity the actors enjoy add up to a complex scenario for defenders to protect against.
The Ransomware Task Force formed out of a clear and present demand. We cannot sit by watching while this threat becomes more pervasive! Yet this threat is different! And so our response must be different.
The Ransomware Task Force knew right away that only a comprehensive response would have an impact. This isn’t a situation where the private sector can solve the problem. This isn’t a situation where laws can solve the problem. This isn’t a situation where international policy can solve the problem… nor federal agencies, nor small collaborative groups, nor any single entity. We need to band together and use these and other and approaches at the same time.
The report is now public. “Combatting Ransomware: A Comprehensive Framework for Action.”
The overarching goals of the RTF are as follows:
Deter ransomware attacks through a nationally and internationally coordinated, comprehensive strategy
Disrupt the ransomware business model and decrease criminal profits
Help organizations prepare for ransomware attacks
Respond to ransomware attacks more effectively
The path forward is spelt out, with clear recommendations and strategies. This needs adoption by the White House to meet success. It needs a collaborative and willing spirit from several agencies to meet success. It needs engaging involvement from the private sector to meet success.
Time will tell how successful this effort is at combatting ransomware. We do not approach this with naivety, and we don’t expect this to solve ransomware. Our hope is that these recommendations together may impact the direction of ransomware mitigation and change the future we seek to avoid.