Industry Task Force Proposes Framework for Combating Ransomware
The Ransomware Task Force, a private-sector think tank made up of experts from various industries, has released a framework for how organizations may deal with ransomware attacks.
The report, titled “Combating Ransomware: A Comprehensive Framework for Action,” provided 48 recommendations on matters such as cyber insurance, cryptocurrency and safe havens for threat actors, according to RTF collaborator BlueVoyant.
The RTF was convened in January 2019 by the Silicon Valley-based Institute for Security and Technology. The task force includes experts from software companies, cybersecurity vendors, government agencies, nonprofit organizations, academic institutions, cybersecurity insurers and international organizations.
According to the RTF report, the average ransomware payment in the third quarter of 2020 was pegged at $233,817, nearly five times as much as the average ransomware payment from a year before.
Philip Reiner, chief executive of IST and executive director of the RTF, said the increasing scale of ransomware attacks is creating new risks that go beyond financial damage.
The report has four major goals: deter ransomware attacks through a coordinated strategy, disrupt the criminal business model and reduce its profitability, help organizations prepare for ransomware attacks and help victims respond more effectively.
BlueVoyant said that the framework was not designed to be implemented in increments and will require the coordinated effort of many stakeholders.
Each of the four goals are aimed at addressing a gap in the current approach against ransomware, BlueVoyant added.
The Department of Homeland Security has already announced plans to work with the RTF in implementing the recommendations included in the report, Nextgov reported.
During a recent IST event, DHS Secretary Alejandro Mayorkas commended the report for pointing out what the government can do better to address ransomware.
Tags: Alejandro Mayorkas BlueVoyant cryptocurrency cyber insurance cybersecurity Department of Homeland Security DHS framework Institute for Security and Technology IST Philip Reiner private sector ransomware Ransomware Task Force report RTF think tank