Combating Ransomware: A Comprehensive Framework for Action

Ransomware attacks present an urgent national security threat. This evolving form of cybercrime, through which criminals remotely compromise computer systems and demand a ransom in return for restoring and/or not exposing data, is economically destructive and has dangerous real-world consequences. Thousands of businesses, hospitals, school districts, city governments, and other institutions around the world have been paralyzed as their digital networks are held hostage.

Despite the gravity of these crimes, the majority of ransomware criminals operate with near-impunity, based out of jurisdictions that are unable or unwilling to bring them to justice. This problem is exacerbated by financial systems that enable attackers to receive funds without being traced. Additionally, the barriers to entry into this lucrative criminal enterprise have become shockingly low. The “ransomware as a service” (RaaS) model, allows criminals without technical sophistication to conduct ransomware attacks.

If you think ransomware is unlikely to happen to you or your business, you may well be next.

More than 65 software companies, cybersecurity vendors, international government agencies, nonprofits, and academic institutions joined forces earlier this year to develop the necessary actions to tackle this insidious threat. The effort, known as the Ransomware Task Force (RTF), developed a clear, structured set of recommendations that, if resourced and implemented, could rapidly reduce the impact of ransomware on society.

The Task Force’s recommendations, published in a recent report entitled Combating Ransomware: A Comprehensive Framework for Action, outline actions that governments, businesses and non-profits can take to deter ransomware criminals and disrupt their business model. The primary objective of these actions is to deter ransomware criminals; help organizations prepare for and defend against attacks; undermine the practices that make ransomware so lucrative, and respond to ransomware attacks more effectively. The RTF identifies five critical and urgent actions that form the backbone of its comprehensive framework:

  1. International diplomatic and law enforcement agencies must declare ransomware a priority and carry out a comprehensive and resourced strategy, including measures to prevent nation-states from providing safe haven to ransomware organizations.
  2. The White House should coordinate an aggressive, sustained and intelligence-driven “whole-of-government” operational campaign, working more closely together with private industry and other governments to fight ransomware.
  3. Governments need to create a cyber response and recovery funds, require that businesses and other organizations report ransom payments, and mandate that organizations consider alternatives before making payments.
  4. The international community should coordinate efforts to develop a single, widely adopted Ransomware Framework that will help organizations prepare for and respond to ransomware attacks.
  5. Governments must regulate the cryptocurrency sector more closely, and ensure exchanges, kiosks and over-the-counter trading desks comply with existing regulations, including knowing your customer, anti-money laundering, and combatting the financing of terrorism laws.

We strongly recommend viewing the entire set of recommendations together, as they are designed to complement and build on each other. The strategic framework is organized around four primary goals: to deter ransomware attacks through a nationally and internationally coordinated, comprehensive strategy; to disrupt the business model and reduce criminal profits; to help organizations prepare for ransomware attacks, and to respond to ransomware attacks more effectively.

Philip Reiner, Chief Executive Officer, Institute for Security and Technology

Philip Reiner is the Chief Executive Officer of the Institute for Security and Technology. Philip previously served as President Obama’s Senior Director for South Asia on the National Security Council staff at the White House; as the Senior Advisor for Afghanistan and Pakistan; and as a Director for Pakistan on the NSC staff. Prior to these roles, he served in the Office of the Under Secretary of Defense for Policy in the Pentagon, where he received the Office of the Secretary of Defense Medal for Exceptional Civilian Service; and for a number of years in Raytheon’s Space and Airborne Systems, working in the Electronic Warfare, Remote Sensing and Vision Systems business units.