It’s now or never: Society must respond to the ransomware crisis

Companies in the hyper-competitive technology industry rarely work together, making their collaboration on a framework to combat ransomware noteworthy. Representatives from companies such as Microsoft and Amazon Web Services teamed up with security vendors, insurance providers, non-profits, think tanks, and government agencies to join the Institute for Security and Technology’s (IST) Ransomware Task Force, which today published a sobering report with detailed recommendations on ways to fight back against these attacks, “Combating Ransomware: A Comprehensive Framework for Action.”

Only a few years ago, ransomware was mostly an economic nuisance that did not attract this level of scrutiny. It primarily affected individual machines, with ransoms of a few hundred dollars. Now, ransomware is a national security and public health and safety threat. It affects entire corporate networks and disrupts critical services. Meanwhile, payments in the hundreds of thousands or even millions of dollars are fueling an entire criminal ecosystem. As a society, we must combat this threat more effectively or we will suffer catastrophic consequences.

Identifying the threat is easy. The hard part is figuring out what precisely to do to fight ransomware. To meet this challenge, IST convened a large group of experts from the technology industry and other sectors and fields to review the threat and develop responses. This group met and deliberated intensely for three months. The result: today’s report that lays out an integrated set of 48 recommended actions that would, if fully resourced and implemented, achieve the goal of significantly reducing the ransomware threat.

As the report indicates, many different types of organizations will have to work together to implement these recommendations. Government agencies, for-profit security companies, platform providers, the insurance industry, the financial sector, telecommunications companies, critical infrastructure companies, academia and think-tanks, and cybersecurity non-profit organizations all have critical roles to play. Combatting this threat requires each sector to bring its capabilities to the table.

Within the cyber ecosystem, non-profits perform several unique functions. Non-profits take on functions and look after interests that the market has little incentive to perform or consider. Non-profits serve as neutral conveners among for-profit actors; since non-profits do not have to exclusively support a given product or service, they can work with different vendors on equal footing and develop industry-wide viewpoints.  hey serve as interlocutors between different sectors that might find it difficult to interact directly for a variety of reasons. They serve as reliable information collators, collecting input from a wide range of sources and sifting through it to identify the most useful ones.

In the RTF’s recommendations, non-profits are called upon to perform all these functions. The report identifies specific tasks for non-profits in multiple areas, including working with the National Institute of Standards and Technology to develop a ransomware framework, supporting a global hub to combat ransomware, developing complementary materials to support framework adoption, participating in an information-sharing Ransomware Incident Response Network, and creating a standard format for ransomware incident reporting. Without active participation from cybersecurity non-profits, these recommendations will likely prove difficult to implement, thereby limiting the ability to fully counter this burgeoning threat.

Of course, performing these functions requires resources. For non-profits, that means garnering support from the other sectors in the ecosystem, whether it is from for-profit companies paying membership dues, governments giving grants, or philanthropists and foundations donating to specific projects. Put simply, for non-profits to play our unique part in combating ransomware, we will need support from the other sectors in this effort.

Non-profits such as the Cyber Threat Alliance and the Global Cyber Alliance are dedicated to improving the security of the digital ecosystem and reducing the threat of ransomware. Along with the Center for Internet Security, the Cybercrime Support Network, the Cyber Readiness Institute, the Cybersecurity Coalition, the Global Resilience Federation, the Institute for Security and Technology, Aspen Digital, the CyberPeace Institute, the CyberPeace Foundation, and Third Way, we will work with each other and representatives from other sectors to implement the RTF recommendations.

We urge other cybersecurity non-profits to join us in this important work, and we call on the other sectors in the digital ecosystem to support the non-profit sector in performing their unique functions. We must redouble our efforts against this dangerous threat.

Michael Daniel is president and chief executive officer of the Cyber Threat Alliance and a co-chair of the Ransomware Task Force Working Group.

Megan Stifel is executive director for the Americas at the Global Cyber Alliance and a co-chair of the Ransomware Task Force.