{"id":19284,"date":"2022-06-07T14:10:19","date_gmt":"2022-06-07T22:10:19","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2022\/06\/07\/news-13017\/"},"modified":"2022-06-07T14:10:19","modified_gmt":"2022-06-07T22:10:19","slug":"news-13017","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2022\/06\/07\/news-13017\/","title":{"rendered":"Ransomware Task Force priorities see progress in first year"},"content":{"rendered":"

Credit to Author: David Ruiz| Date: Tue, 07 Jun 2022 21:47:44 +0000<\/strong><\/p>\n

This blog is part of our live coverage from RSA Conference 2022<\/em>:<\/p>\n

US President Joseph R. Biden Jr., The White House, and law enforcement agencies across the world paid close attention last year when a group of more than 60 cybersecurity experts launched the Ransomware Task Force<\/a>, heeding the group\u2019s advice on how to defend against ransomware attacks and deny cybercriminals their ill-gotten riches.<\/p>\n

Of the Ransomware Task Force\u2019s initial 48 recommendations\u2014published in their report last year<\/a>\u201412 have resulted in tangible action, while 29 have resulted in preliminary action, said Philip Reiner, chief executive officer for the Institute for Security and Technology and member of the Ransomware Task Force.<\/p>\n

The progress, while encouraging, is not the end, Reiner said.<\/p>\n

\u201cNot enough has been done,\u201d Reiner said. \u201cThere is still a great deal of work that remains to be done on this front to blunt the trajectory of this threat.\u201d<\/p>\n

At RSA Conference 2022, Reiner moderated a panel of other Ransomware Task Force members which included Cyber Threat Alliance President and CEO Michael Daniels, Institute for Security and Technology Chief Strategy Officer Megan Stiflel, and Resilience Chief Claims Officer Michael Phillips. The four discussed how separate levels of the government responded and acted on the five priority recommendations made by the Ransomware Task Force last year.<\/p>\n

In short, many promising first steps have been made, the panelists said.<\/p>\n

\u201cLook at what the US government has done in the past year\u2014the impressive speed at which [they\u2019ve] organized and focused on the ransomware threat,\u201d Daniels said. \u201cEverything from presidential statements, to work in the international area, to convening a ransomware task force inside the government to start working on this issue.\u201d<\/p>\n

He continued: \u201cI think it\u2019s clear that governments are really engaged in this issue in a way that they weren\u2019t just a couple of years ago.\u201d<\/p>\n

Last year, governments across the world collaborated together in taking down ransomware threat actors. In June 2021, Ukrainian law enforcement worked with investigators from South Korea to arrest members affiliated with the Clop ransomware gang<\/a>, and months later, members of the FBI, the French National Gendarmerie, and the Ukrainian National Police arrested two individuals\u2014and seized about $2 million\u2014from an unnamed ransomware group<\/a>.<\/p>\n

Around the same time as the undisclosed arrests, President Biden traveled to Switzerland to speak at a cybersecurity summit that was also attended by Russia President Vladimir Putin. When the two met, Biden reportedly told Putin that the United States was willing to take \u201cany necessary action\u201d to defend US infrastructure. The US President\u2019s statement came shortly after the ransomware attack on Colonial Pipeline, which was attributed to the cybercriminal group Darkside, which is believed to be located in Russia.<\/p>\n

\u201cI’m gonna be meeting with President Putin and so far there is no evidence, based on our intelligence people, that Russia is involved,” President Biden said of the attack at the time, according to reporting from the BBC<\/a>. But, Biden added, \u201cthere’s evidence that the actors’ ransomware is in Russia\u2014they have some responsibility to deal with this.\u201d<\/p>\n

Separately, Stifel from the Institute for Security and Technology welcomed recent developments\u2014which may take many more years to solidify\u2014to create a standardized format and timeline for companies and organizations to report ransomware attacks.<\/p>\n

\u201cIt will be some time, and some of you may be retired by the time it\u2019s in place,\u201d Stifel said, \u201cbut it\u2019s there. You have to start somewhere.\u201d<\/p>\n

The panelists also acknowledged recent government efforts to appropriate cybersecurity recovery and response funds in the latest infrastructure bill. While the Ransomware Task Force specifically asked for funds for ransomware recovery and response, a broad package of millions of dollars for overall cybersecurity events is still considered a win.<\/p>\n

One underdeveloped priority area that every panelist stressed was the need for faster, more accurate data on ransomware attacks and recovery costs. Without a centralized database\u2014and without a requirement to report both attacks and ransom payments\u2014the government and cybersecurity companies are working with limited information.<\/p>\n

The panelists also lamented the difficulties posed in trying to remove safe havens for ransomware actors. As the governments that already provide cover for ransomware groups have little to no impetus to change their positions, it\u2019s up to global governments to start working together.<\/p>\n

\u201cI can see the US government trying to, internationally, build a collation of countries\u2014not just US agencies, but multiple agencies across multiple jurisdictions at the same time,\u201d Daniels said.<\/p>\n

He continued: \u201cThis threat has become so large that no government can really just ignore it.\u201d<\/p>\n

The post Ransomware Task Force priorities see progress in first year<\/a> appeared first on Malwarebytes Labs<\/a>.<\/p>\n

https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: David Ruiz| Date: Tue, 07 Jun 2022 21:47:44 +0000<\/strong><\/p>\n

The Ransomware Task Force’s five priority recommendations, issued last year, have all seen encouraging progress from governments.<\/p>\n

The post Ransomware Task Force priorities see progress in first year<\/a> appeared first on Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[25304,26468,3765,26469],"class_list":["post-19284","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-clop","tag-clop-ransomware","tag-ransomware","tag-ransomware-task-force"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/19284","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=19284"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/19284\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=19284"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=19284"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=19284"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}