Cybersecurity experts, law enforcement agencies and governments urged the White House to curb safe havens for criminals who engage in ransomware and bring in increased regulation of crypto currencies, the lifeblood of hackers, in the hope of controlling a growing wave of attacks.
These are two of 48 recommendations made by a task force in a report Thursday to the Biden administration aimed at combating the continuing runsomware episodes that plague major corporations, local governments and health providers across the world.The task force, organized by the Institute for Security and Technology, said cyber-attacks have become a $350 million criminal industry - a fourfold increase from the previous year.Last week the United States Attorney Department created its own independent ransomware task force, signaling the growing awareness in the U.S. government of the now decades-old threat.
Ransomware is a type of encrypted code that usually encrypts the data or computer networks of victims.The hackers then demand a ransom to decrypt the information.More recently, ransomware gangs also threatened to collect data and reveal it public unless the victim pays for it but many victims end up doing so because the costs of the attacks can outweigh the demand for ransom money.Ransomware attacks forced schools to postpone critical treatment, energy providers to cut off power supplies and hospitals to stop teaching.In some instances, lives are at stake, said Kemba Walden, an attorney in the Digital Security Unit at Microsoft Corp.The report was born from months of consultations among cybersecurity specialists at Chainalysis Inc. researchers at Palo Alto Networks Inc. and law enforcement agencies in the United States, among others.The recommendations include five priorities that are deemed to be 'allocated' and urgent, including a push to use diplomatic channels and law enforcement across the world to dissuade countries from becoming 'friendly havens for ransomware criminals.
The most ransomware criminals are based in nation states that are unwilling or unable to prosecute this cyber crime and because ransoms are paid via cryptocurrency, they are difficult to trace according to the report.'This global challenge demands an 'all hands on deck' approach, with support from the highest levels of government.
On Thursday, the Secretary of Homeland Security, Alejandro Mayorkas, declared ransomware as a national security threat and pledged to make it a priority for the Biden administration.
'' The White House is developing a plan that focuses on this problem, said he.
John Demers, Assistant Attorney General for National Security, told reporters this week that ransomware as a cybercrime is no longer limited to independent cartels seeking to hold victims hostage for profit.Instead, state states may use the attacks as a weapon to disrupt government or private operations.
For instance, earlier this month the US Treasury Department sanctioned Russian entities for helping to facilitate cyber-attacks and linked a notorious intelligence agency to a Russian ransomware group known as Evil Corp.
The report also outlines how to control and regulate the economic backbone of the ransomware business: cryptocurrencies.Such payments between hackers and their victims occur in the largely unregulated realm of digital currency, which is harder for experts to track in hopes of identifying the criminals.The task force calls for governments to enforce Bitcoin exchanges and trading desks to enforce basic '' know your customers, anti-money laundering and financial terrorism laws.
These rules could help law enforcement identify the nexus of ransomware cartels and the individuals getting rich from ransom payments, said Don Spies, Director of Market Development for Chainalysis.
I firmly believe in cryptocurrencies as a new asset class.They're now part of the overall financial system, Spies said.'So, too, is ransomware, and it's not going away.But I think these recommendations can go a long way to combat a problem that's out of control.
For more articles like this please visit bloomberg.com at http://www.bloomberg.com.
Subscribe today to stay ahead with the most trusted business news source.