Schools, hospitals, the City of Atlanta. Garmin, Acer, the Washington, DC, police. At this point no one is safe from the scourge of ransomware. Over the past few years, skyrocketing ransom demands and indiscriminate targeting have escalated, with no relief in sight. Today a recently formed public-private partnership is taking the first steps toward a coordinated response.
The comprehensive framework, overseen by the Institute for Security and Technology’s Ransomware Task Force, proposes a more aggressive public-private response to ransomware, rather than the historically piecemeal approach. Launched in December, the task force counts Amazon Web Services, Cisco, and Microsoft among its members, along with the Federal Bureau of Investigation, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, and the United Kingdom National Crime agency. Drawing from the recommendations of cybersecurity firms, incident responders, nonprofits, government agencies, and academics, the report calls on the public and private sector to improve defenses, develop response plans, strengthen and expand international law enforcement collaboration, and regulate cryptocurrencies.