International coalition urges coordinated, government-led strategies for dealing with ransomware as hospitals, public services targeted
A group of more than 60 organisations worldwide has released a framework for dealing with the “urgent” problem of ransomware.
The Ransomware Task Force (RTF), announced by the US’ Institute of Science and Technology (IST) in December, includes governments, law enforcement, computer security researchers, academics and other stakeholders.
The group, backed by Microsoft, Amazon, the FBI and the UK’s National Crime Agency, issued nearly 50 recommendations aimed at spurring governments to take coordinated action.
The coalition argued that ransomware has grown beyond an IT issue into a “serious national security threat”.
With ransomware gangs regularly targeting hospitals and schools, it is also a public health and safety concern, the RTF said.
RTF co-chair Jen Ellis, from cyber-security company Rapid 7, says:
“Citizens are being impacted by this every day,” said RTF co-chair Jen Ellis of security firm Rapid 7.
“It’s having a huge impact on the economy and the ability for ordinary people to access critical services.”
She added that the funds from paid ransoms are used in other forms of organised crime, such as human trafficking and child exploitation.
The UK’s National Cyber Security Centre (NCSC), which is also an RTF member, said it handed three times the number of ransomware incidents in 2020 as in 2019.
The RTF said hundreds of major attacks took place worldwide last year, including in the UK, with Emsisoft estimating the global cost of the problem at $42 billion (£30bn) to $170bn last year.
As part of its recommendations, the RTF urged governments to make it mandatory for victims to report if they do pay ransoms to criminals.
The group’s framework differs from others in that it advises a coordinated, government-led approach that designates ransomware as a national security threat.
It recommends the creation of a fund to support recovery for ransomware victims that do not pay, as well as increased regulation on cryptocurrencies to make it more difficult for untraceable payments.
The group also urged countries to exert pressure on nations seen as safe havens for ransomware gangs.
Computer security firms have named North Korea, Iran and Russia as backing ransomware gangs, while the US last month sanctioned Russia on grounds including the support for “disruptive ransomware attacks”.
The RTF’s report laid out law enforcement options including paying for tips that could help target ransomware operations, and using intelligence techniques to observe criminal groups.