New ransomware taskforce report published, how to disrupt ransomware and reduce effects of attacks

The Institute for Security and Technology’s Ransomware Task Force (RTF) (over 60 experts) published an 81-page report presenting 48 recommendations to disrupt the ransomware business and mitigate the effect of such attacks.

More on the story here: https://securityandtechnology.org/ransomwaretaskforce/report/xxx

We have an expert comment from Ilia Kolochenko CEO, Founder and Chief Architect at ImmuniWeb (bio below):

“The report provides a wide spectrum of valuable and bright ideas, however, most of them are burdensome and far too expensive from a practical viewpoint. Strong global collaboration to combat cybercrime is probably a utopia, especially amid the rapidly growing political tensions around the globe, unclarity of international law’s application to cyber war and disruptive aggressions in the digital space. 

Sadly, virtually all Western law enforcement agencies are significantly underfunded today, while efficient combat with ransomware will probably require at least a tenfold budget increase – just to address this isolated phenomena. Spiralling pandemic losses will unlikely allow countries to spend more on cybercrime prosecution and investigation units, unless the private sector donates billions of dollars. Fighting digital currencies is a waste of time, cybercriminals will find a myriad of other smart ways to bypass sanctions and get paid in impunity.

“I’d rather suggest treating the root cause of ransomware: the widespread lack of basic cyber hygiene. Even the largest organizations from regulated industries often fail to follow the basics: maintain an up2date asset inventory, implement risk-based and threat-aware security controls, perform continuous security monitoring and anomaly detection, conduct ongoing security training and awareness, maintain software and patch management programs, and to enforce centralized identity management. Most organizations have no third-party risk management programs, lack Dark Web monitoring and incident detection and response (IDR) plan. Unless we can motivate and support targeted organizations to attain a basic level of cyber hygiene, ransomware will continue flourishing.”