An ambitious plan to deal with ransomware has long probabilities
[ad_1]
Schools, hospitals, The city of Atlanta. Garmin, Acer, Washington, DC, police. At this point no one is safe from ransomware disease. In recent years, it has demanded major bailouts indiscriminate targeting they increase, without obvious relief. The newly created public-private partnership is now taking the first steps towards a coordinated response.
The comprehensive frameworkSupervised by the Ransomware Task Force of the Institute of Security and Technology, it proposes a more aggressive public-private response to ransomware than a historically fragmented approach. The working group, launched in December, counts Amazon Web Services, Cisco and Microsoft among its members, along with the Federal Bureau of Investigation, the Homeland Security Department of Cybersecurity and Infrastructure Security Agency and the United Kingdom National Crime Agency. Building on the recommendations of cybersecurity companies, rioters, nonprofits, government agencies and academics, the report calls on the public and private sectors to improve defenses, develop response plans, strengthen and expand cooperation to enforce international law and regulate cryptocurrencies.
The details will be important, however, as well as the level of procurement of government agencies that may cause changes. U.S. Department of Justice was created recently ransomware specific working group and Department of Security announced in February that it will expand its efforts to combat ransomware. But these agencies are not doing politics, and the United States has struggled in recent years to provide a truly coordinated response to the rescue.
“We need to start treating these issues as basic national security and economic security issues, and not as small boutique issues,” says Chris Painter, a former Justice Department and White House cybersecurity official. Cyber Expertise Foundation. “I hope we get there, but we’ve always been uphill for ourselves in the cyberspace trying to get people to pay attention to these big issues.”
Thursday’s report expands the threat posed by ransomware actors and actions that can reduce the threat. Law enforcement has many jurisdictional issues when it comes to tracking ransomware gangs; the framework discusses how the U.S. can engage in diplomatic relations to involve more countries in the rescue response, and to try to take over what have historically been safe havens for rescue teams.
“In addition to blinding our eyes, when we go after countries that are actively supporting this, it will pay dividends much more than cybercrime rescue software,” Painter says. He admits it won’t be easy, though. “Russia is always tough,” he says.
Some researchers are optimistic that making recommendations could lead to increased collaboration between public and private organizations. “Larger work teams can be effective,” says Crane Hassold, general manager of threat investigation at the email security company Agari. “The advantage of joining the private sector in a team is that we generally understand the extent of the problem better because we see so much more every day. Meanwhile, the public sector is better able to demolish smaller components of the cyberattack chain in a more surgical way.”
The question, however, is whether the IST Ransomware Task Force and U.S. federal government agencies could turn the new framework into action. The report recommends the creation of an inter-agency working group led by the National Security Council, a joint U.S. internal rescue rescue team and a White House-led industry-led rescue center coordinated and coordinated.
“This requires very decisive action on many levels,” says Brett Callow, a threat analyst at Emsisoft’s anti-virus company. “In the meantime, the frameworks are fine, but the implementation of these organizations is completely different. There are many areas where improvements can be made, but there will be no overnight repairs. It will be a long and hard road. “
[ad_2]
Source link