A group of big-name security and technology vendors, non-profits and other industry stakeholders have come together to create a new group focused on combatting ransomware.
The Ransomware Task Force (RTF) is the brainchild of Bay Area firm the Institute for Security and Technology (IST) and will see member organizations unite to provide “clear recommendations for both public and private action that will significantly reduce the threat posed by this criminal enterprise.”
Members announced at the official launch yesterday include tech firms Citrix, Microsoft, McAfee, Rapid 7, Team Cymru and Cybereason, law firm Venable LLP, and policy-maker groups like Digital Aspen and the Cybersecurity Coalition. Others on board include insurer Resilience, non-profit the Shadowserver Foundation and data sharing group the Cyber Threat Alliance.
“Ransomware incidents have been growing unchecked, and this economically destructive cybercrime has increasingly led to dangerous, physical consequences. Hospitals, school districts, city governments, and others have found their networks held hostage by malicious actors seeking payouts,” the IST argued.
“This crime transcends sectors and requires bringing all affected stakeholders to the table to synthesize a clear framework of actionable solutions, which is why IST and our coalition of partners are launching this Task Force for a two-to-three-month sprint.”
According to the most recent stats, ransomware grew as a percentage of total detected malware from 39% to 51% during the period Q2-Q3 2020. Healthcare organizations have been most notably targeted through the COVID-19 crisis, as have vaccine developers.
Big names such as French IT services giant Sopra Steria have been on the receiving end of a surge in “big game hunting” attacks using APT-style tactics to infiltrate large organizations. It said a Ryuk attack in October could end up costing the firm as much as $60 million.
However, the truth is that SMBs are much more likely to get caught out, according to Coveware. The vendor claimed that organizations with up to 1000 workers accounted for 73% of attacks in Q3 2020.
“The RTF will assess existing solutions at varying levels of the ransomware kill chain, identify gaps in solution application, and create a roadmap of concrete objectives and actionable milestones for high-level decision-makers,” said the IST.