A new report from the Ransomware Task Force has warned that the surge of ransomware attacks risks becoming a national security concern.
The RTF report said that any strategy to fight ransomware must apply both internationally and across all areas hit by ransomware.
To help with this, the report made 48 recommendations, which include addressing the complexities of the ransomware epidemic, from the role of cyber insurance and cryptocurrency to safe havens for threat actors.
It also called for discouraging payments to ransomware groups, as removing profit from ransomware attacks would demotivate attackers. However, the group stopped short of calling for a ban on payments.
According to the RTF, each of the recommendations in its comprehensive strategy to stop the tide of ransomware falls into one of four areas:
- Deter ransomware attacks through a nationally and internationally coordinated, prioritized, and resourced comprehensive strategy.
- Disrupt the ransomware business model and decrease criminal profits.
- Help organisations better prepare for ransomware attacks.
- Help organisations respond to ransomware attacks more effectively.
“The cost of ransom paid by organisations has nearly doubled in the past year, and is creating new risks, many that go far beyond monetary damage,” said Executive Director of the RTF and CEO of IST Philip Reiner.
“In the past 12 months alone, we’ve seen ransomware attacks delay lifesaving medical treatment, destabilise critical infrastructure, and threaten our national security. We felt an urgent need to bring together world-class experts across all of the relevant sectors to break down silos and create a framework that government and industry can pursue to disrupt the ransomware business model, mitigate the impact of these attacks, and ensure the continued faith of the general public in its institutions.”
The RTF consists of over 60 experts from industry, government, law enforcement, civil society, and international organisations. The report’s recommendations were echoed by major global tech companies including Amazon and Microsoft, along with law enforcement bodies such as the US’s FBI and the UK’s National Crime Agency.
In addition, the report was submitted to the administration of US President Joe Biden.
2020 saw organisations around the world hit by a wave of cyberattacks, partially driven by uncertainties caused by the coronavirus pandemic. A recent report warned that the number of ransomware attacks grew by 485% in 2020 compared to 2019.
The UK’s National Cyber Security Centre (NCSC), which is also a member of the RTF, said it handled over three times as many ransomware incidents in 2020 as in the previous year.
In addition, the tactics used by criminals to extort money have changed over time. Extortion has become a major part of ransomware attacks. For example, a recent attack on the Washington DC Metropolitan Police Department saw hackers access information on informants, which they are threatening to release.
Cybercriminals have widened the list of potential targets. While large companies have proven a favourite, hospitals and schools are also popular due to the urgent nature of their operations. Many do not have the time needed to work around a ransomware attack and have little option but to pay.
“The disruption it causes means that ransomware is no longer a cybersecurity issue for organisations; as the Task Force’s report notes, it has become a national security risk that has the potential to impact public safety, particularly when hospitals and other critical national infrastructure are targeted,” an NCSC Operations Manager said in a statement.