CISO2CISO.COM & CYBER SECURITY GROUP

Combating Ransomware – A Comprehensive Framework for Action: Key Recommendations from the Ransomware Task Force by IST

We are honored to present this report from the Ransomware Task Force. This report details a
comprehensive strategic framework for tackling the dramatically increasing and evolving threat of
ransomware, a widespread form of cybercrime that in just a few years has become a serious national
security threat and a public health and safety concern.

Ransomware is not just financial extortion; it is a crime that transcends business, government,
academic, and geographic boundaries. It has disproportionately impacted the healthcare industry
during the COVID pandemic, and has shut down schools, hospitals, police stations, city governments,
and U.S. military facilities. It is also a crime that funnels both private funds and tax dollars toward
global criminal organizations. The proceeds stolen from victims may be financing illicit activities
ranging from human trafficking to the development and proliferation of weapons of mass destruction.

Tackling ransomware will not be easy; there is no silver bullet for solving this challenge. Most
ransomware criminals are based in nation-states that are unwilling or unable to prosecute this
cybercrime, and because ransoms are paid through cryptocurrency, they are difficult to trace.
This global challenge demands an “all hands on deck” approach, with support from the highest
levels of government.

Countless people around the world are already working tirelessly to blunt the onslaught of
ransomware attacks. But no single entity alone has the requisite resources, skills, capabilities,
or authorities to significantly constrain this global criminal enterprise.

For this reason, we convened the Ransomware Task Force — a team of more than 60 experts
from software companies, cybersecurity vendors, government agencies, non-profits, and academic
institutions — to develop a comprehensive framework for tackling the ransomware threat.

Our goal is not only to help the world better understand ransomware, but to proactively and
relentlessly disrupt the ransomware business model through a series of coordinated actions,
many of which can be immediately implemented by industry, government, and civil society. Acting
upon a few of these recommendations will not likely shift the trajectory, but the Task Force is
confident that implementing all of them in coordination, with speed and conviction, will make a
significant difference.

While we have strived to be comprehensive, we acknowledge there will be areas we have not
addressed, or on which we could not come to consensus. Prohibition of payments is the most
prominent example; the Task Force agreed that paying ransoms is detrimental in a number of ways,
but also recognized the challenges inherent in barring payments. Just as we have been grateful to
stand on the shoulders of those that came before us, we hope our efforts and investigations will fuel
the thinking and recommendations of those that come after us.
