A handful of powerful technology companies is teaming up with private organizations and government agencies to help the federal government combat ransomware following a series of high-profile cyberattacks in the U.S.
Individuals representing more than 40 organizations in the private and public sectors collaborated to produce an 81-page report outlining recommendations for the U.S. government and private companies alike on how each can avoid and address ransomware attacks.
The list of technology companies that contributed to the report includes Amazon Web Services, FireEye, McAfee and Microsoft, among others. From the public sector, the coalition included experts representing the FBI, the National Governors Association, the U.S. Cybersecurity and Infrastructure Agency (CISA), and the U.S. Secret Service, among others.
The report was published Thursday by the Institute for Security and Technology (IST), which held a virtual presentation Thursday afternoon featuring opening remarks from Department of Homeland Security (DHS) Secretary Alejandro Mayorkas, who said last month that ransomware “poses a national security threat” to the U.S.
“As the number of ransomware attacks continues to rise, the threat to our national security and to Americans’ daily lives only grows,” Mayorkas said. “Cyber security is not an abstract concept, but something we all need to prioritize and invest in, whether you’re a major hospital system or a small business.”
The U.S. Department of Justice created a ransomware task force of its own last week, and the White House is also working on a plan to combat ransomware attacks, Mayorkas said.
“The task force’s report provides a vision for what we can do to better address this urgent problem,” Mayorkas said. He added the DHS plans to work with the experts who contributed to the IST report to “turn its recommendations into action.”
The report details 48 recommendations in total, which include international law enforcement efforts to discourage ransomware attacks and an “aggressive” domestic strategy in the U.S. The report also recommends that companies targeted by ransomware attacks seek solutions that do not involve ransom payments, and report any ransom payments they do make to government officials.
During Thursday’s virtual presentation, Kemba Walden, the assistant general counsel for Microsoft’s Digital Crimes Unit, reiterated the importance of requiring that ransomware attacks be reported.
“One of the benefits of mandatory reporting is really actionable information sharing,” Walden said. “The security community functions best when we have good data. The people that hold the best data, in this circumstance, are the victims themselves.”
Charles Carmakal, the senior vice president and chief technology officer at the cybersecurity company FireEye Mandiant, also encouraged organizations to find ways to respond to ransomware attacks that do not involve making ransom payments.
“Multifaceted extortion and ransomware is the most prevalent cyber security threat to organizations today,” Carmakal said in a statement shared with Newsweek. “Direct financial gain is the motive for at least 36% of the intrusions Mandiant investigated over this past year.”
“Organizations must take proactive actions to tackle this national security threat, including considering alternatives to paying extortion demands by conducting cost-benefit analyses prior to making any payments, as recommended by the Ransomware Task Force,” Carmakal said.
Support for battling ransomware in the public and private sectors comes on the heels of the SolarWinds cyberattack last year, which FireEye announced in December. Several federal agencies later confirmed they were impacted by the breach.
More recently, a ransomware attack in Florida impacted a water treatment plant, threatening the safety of residents’ drinking water. Another attack earlier this week targeted the Washington Metropolitan Police Department in Washington, D.C., according to the Associated Press.
In a statement shared with Newsweek, a policy strategist with McAfee, one of the security software companies that supported the report, praised the agenda items it outlined.
“We are very pleased with the Ransomware Task Force’s Comprehensive Framework for Action,” Chief Standards and Technology Policy Strategist Kent Landfield said. “The effort was a first, bringing together experts from across the global tech community, various governments, law enforcement and cyber insurance organizations. The Task Force had the hard discussions needed to develop the framework for addressing ransomware going forward.”
He said the report contains valuable tools to battle ransomware.
“The report outlines recommendations for action the governments can take in trying to address the issue,” he said. “If the recommendations are implemented, it will have a positive impact in fighting these heinous criminal activities.”