Combatting Ransomware. A Comprehensive Framework for Action: Key Recommendations from the Ransomware Task Force. Ransomware attacks present an urgent national security risk around the world. This evolving form of cybercrime, through which criminals remotely compromise computer systems and demand a ransom in return for restoring and/or not exposing data, is economically destructive and leads to dangerous real-world consequences that far exceed the costs of the ransom payments alone.
In 2020, thousands of businesses, hospitals, school districts, city governments, and other institutions around the world were paralyzed as their digital networks were held hostage by malicious actors seeking payouts. The immediate physical and business risks posed by ransomware are compounded by the broader societal impact of the billions of dollars steered into criminal enterprises, funds that may be used for the proliferation of weapons of mass destruction, human trafficking, and other virulent global criminal activity.
The framework outlines 48 actions government and industry leaders can take to disrupt the ransomware business model and mitigate the impact of attacks.
Over 60 experts from industry, government, law enforcement, civil society, and international organizations worked together to produce this comprehensive framework, which breaks down siloed approaches and advocates for a unified, aggressive, comprehensive, public-private anti-ransomware campaign. These recommendations are informed by a deep bench of experts and immediately actionable, forming a framework to reduce this criminal enterprise. Participants include Microsoft, McAfee, Rapid7, Amazon, Cisco, the Cyber Threat Alliance, the Global Cyber Alliance, US Department of Justice, Europol, and the UK’s National Crime Agency, among many others.