Top technology players like Microsoft, Amazon, Cisco, FireEye, and McAfee are joining forces with government agencies such as the Department of Justice (DOJ), Europol, and the U.K. National Crime Agency in a task force trying new ways of taking down cybercriminals.
What is Going On
Tech firms and government entities are teaming up to disrupt ransomware thieves by targeting the businesses and services that allow these groups to get paid. By cutting them off at the knees and making it impossible for them to collect their bounty, the joint task force believes it may dissuade further operations.
Dubbed the Ransomware Task Force, the group issued an 81-page report to the Biden Administration urging it to make disrupting cyber gang operations a priority, along with finding and apprehending those responsible.
How Will it Work?
The idea is to hit thieves where it hurts: in the pocketbook. Krebs on Security explains: ‘The Wall Street Journal recently broke the news that the DOJ was forming its own task force to deal with the “root causes” of ransomware. An internal DOJ memo reportedly “calls for developing a strategy that targets the entire criminal ecosystem around ransomware, including prosecutions, disruptions of ongoing attacks and curbs on services that support the attacks, such as online forums that advertise the sale of ransomware or hosting services that facilitate ransomware campaigns.”’
The report mentions that
“The costs of ransomware go far beyond the ransom payments themselves. Cybercrime is typically seen as a white-collar crime, but while ransomware is profit-driven and ‘non-violent’ in the traditional sense, that has not stopped ransomware attackers from routinely imperiling lives.”
One goal of the task force is to make it easier for people to report ransomware attacks, because its members suspect that many victims never come forward. Another possible outcome is that anyone who pays ransom to a group that is being sanctioned by the U.S. government will face fines. There is also talk of requiring permission from the U.S. Treasury Department before anyone can pay a ransom after a ransomware attack.
The CEO of the Institute for Security and Technology and the executive director of the task force, Philip Reiner, said, “That’s why we were so dead set in putting forward a comprehensive framework. That way, the Department of Homeland Security can do what they need to do, the State Department, Treasury gets involved, and it all needs to be synchronized for going after the bad guys with the same accuracy.”
A Law to Make Paying Ransom Illegal?
Although the task force is toying with the idea of making it illegal to pay ransom to criminals, it isn’t ready yet to make that directive into law. Making ransom payments illegal might decrease the number of payouts these groups can collect, but it might not.
Skeptics believe that a ban won’t stop attackers and might even spur an uptick in incidents, as attackers test individuals, corporations, and how effectively the government can enforce new laws that make paying a ransom to cybercriminals illegal.
The report states that
“As such, any intent to prohibit payments must first consider how to build organizational cybersecurity maturity, and how to provide an appropriate backstop to enable organizations to weather the initial period of extreme testing. Ideally, such an approach would also be coordinated internationally to avoid giving ransomware attackers other avenues to pursue.”
It’s unclear whether or not this approach would have any real, lasting, positive effect on this epidemic-like problem. It may, in the end, create more problems than it solves.
If you want to read the entire report and all the directives, you can access the complete resource here.