Support: (615) 499-7801

Ransomware: National security risk needs global approach

ransomware needs global approach ImageQuest

The rising scourge of ransomware needs a global approach to halt its devastation, a task force with government and corporate representatives announced last week.

Ransomware is “a flourishing criminal industry” which “routinely imperils lives,” the task force organized by the non-profit Institute for Security and Technology wrote. Utilities, hospitals, schools, military posts, and municipalities all continue to suffer shutdowns and system damage caused by ransomware attacks.

The report, which you can download here, lists 48 actions within a framework that the task force says must be followed globally to halt the devastation. The report also discusses:

  • the current state of the cyber insurance industry,
  • how cryptocurrency aids attackers
  • how ransomware is a national security threat, and
  • who are the “threat actors” behind ransomware.

Fighting ransomware, the report says, requires “a comprehensive approach that influences the behavior of actors on all sides of the ecosystem, including deterring and disrupting attackers, shoring up preparation and response of potential victims, and engaging regulators, law enforcement, and national security experts.”

The task force, comprised of government and corporate representatives from the FBI, U.S. CISA, Microsoft, Cisco, the New York Department of Financial Services, and others, urges “international cooperation and adoption of processes, standards, and expectations.”

Elements of the report are rather scary:

ransomware attacks 2020 ImageQuest

A cyber insurance-related organization, Coalition, reported a 260% increase in ransomware attacks on insured in the first half of 2020 and an increase of 47% in the amount of ransom demanded, for an average of nearly $339,000.

Among the task force’s recommended actions: Expand Homeland Security preparedness grants to include cybersecurity measures, and offer tax breaks to organizations that implement secure IT measures.