Ransomware Task Force

The Ransomware Task Force (RTF) is an initiative housed in the Institute for Security and Technology (IST). The RTF was launched on April 29, 2021,^[1] and it has 60 members from software companies, government agencies, cybersecurity vendors, financial services companies, nonprofits, and academic institutions.

Leadership

• John Davis, Palo Alto Networks
• Megan Stifel, Global Cyber Alliance
• Michael Phillips, Resilience
• Kemba Walden, Microsoft
• Jen Ellis, Rapid7
• Chris Painter, The Global Forum on Cyber Expertise Foundation
• Michael Daniel, Cyber Threat Alliance
• Philip Reiner, IST^[2]

RTF Framework

The RTF released a document outlining its key recommendations for combating ransomware. The task force sees five priority actions that are either foundational or urgent. They can be summarized as:^[3]

1. A coordinated IGO effort to tackle ransomware with a carrot-and-stick approach to incentivize nation-states to stop providing safe havens to hackers.
   
2. The United States should execute a sustained, aggressive, intelligence-driven campaign led by the White House.
   
3. Governments need to set aside Cyber Response and Recovery Funds, mandate that organizations report ransom payments; and require organizations to consider alternatives before making payments.
4. A clear, accessible, and broadly adopted framework to help organizations prepare for and respond to attacks with possible incentives, such as fine relief and funding or regulation.
5. Regulate the Cryptocurrency sector.
6. Governments should require cryptocurrency trading desks that comply with Know Your Customer (KYC), Anti-Money Laundering (AML), and Combatting Financing of Terrorism (CFT) laws.

References