Government, industry efforts to thwart ransomware slowly start to pay off
It may seem counterintuitive given the regularity of ransomware attacks today, but these debilitating cyberattacks actually declined for the first time ever in 2022, thanks to actions and policy changes implemented by enterprises and governments in countries around the world.
This bit of good news comes courtesy of the Ransomware Task Force (RTF), an industry group founded by the Institute for Security and Technology (IST) during the height of the COVID-19-onset rise in ransomware. In its May 2023 progress report, RTF announced that of its 48 recommendations for how society could fight back against the scourge of ransomware, a full 92% have already been addressed in one way or another.
The results of this progress are already showing up in the data and being felt on the ground.
“I think it’s reasonable to compare ransomware to COVID,” says Curt Franklin, principal analyst for enterprise security management at Omdia. “We’re past the epidemic and into the endemic. It is not the constant in your face. Now it’s just part of the everyday cybercrime background that we all deal with.”
Still, ransomware attacks continue. New threat actors are still cropping up every week, getting better at what they do and always evolving their tactics and technologies to circumvent our best defenses. Major, multimillion-dollar attacks — the likes of which would’ve seemed extreme even just a couple of years ago — continue to befall both enterprises and government targets. Just last week, for instance, the Sheriff’s Department in San Bernardino, California, admitted to paying off a ransom of $1.1 million.
RTF was founded in Dec. 2020, bringing together dozens of leaders from organizations as far and wide as Microsoft, Bank of America, Mandiant, the US Department of Justice, and Europol. In April 2021 the group released its inaugural report, centered around “a comprehensive framework of actions (48 in total) that government and industry leaders can pursue to significantly disrupt the ransomware business model and mitigate the impact of these attacks in the immediate and longer terms.”
It would’ve been easy to lose track of all those actions or ignore them entirely. Instead, “two years later, we have seen impressive moves by industry, US, and partner governments toward implementing these recommendations,” the authors of the newest report wrote.
By now, 44 of the RTF’s 48 recommendations “have seen some action.” 24 of those “have seen significant progress” since April 2021, with “preliminary actions” taken to address 20 more. “Only 4 recommendations have had no publicly known action,” the new report stated.
To read the complete article, visit Dark Reading.