Last week, the White House revealed that a ransomware taskforce has been created to coordinate a series of defensive and offensive measures against ransomware and launch a national “counter-ransomware” campaign. The State Department is also offering rewards totaling up to $10M for any intel that leads to identifying suspected cyber criminals, emphasizing those behind state-sanctioned breaches of critical infrastructure. There was also a ransomware resource page announced, which aims to share critical preparedness and response information with organization - StopRansomware.gov.
Ransomware experts reacted to the news.
Nick Cappi, Cyber Vice President, Portfolio Strategy and Enablement at Hexagon
"I think the government has this one correct (and has had it correct for a long time, just in a different context). For as long as I can remember, the policy has been “The United States does not negotiate with terrorists” as well as “The United States doesn’t Pay Ransoms for Americans Kidnapped by Terrorists." I don’t think we should take any lesser stance on data being held hostage by cyber terrorists. Terrorists are terrorists, the assets being targeted (physical or digital) shouldn’t impact the policies and responses."
Eddie Habibi, CEO and Founder of PAS Global (now part of Hexagon)
"The Biden administration’s attention to cybersecurity sends a clear signal to bad actors worldwide that the United States considers cyberattacks, especially those on critical infrastructure, as a matter of national security. The $10M reward for information leading to the identification of perpetrators provides a bounty on the heads of attackers in the highly competitive cyber crime industry. Now, “white hackers” of all sorts have a monetary incentive to hunt down bad actors. This helps democratize the field of threat hunting, expanding the field beyond established cybersecurity firms.
The administration recognizes that no amount of cyber defense can completely secure the IT and operational technology (OT) networks. We are pleased to see a bullish position on establishing offense as part of the United States' cyber resiliency and protection strategy. Cyber offense, very similar to that in tactical warfare, acts as an effective deterrent to individuals and nation states engaged in rogue activities. The bipartisan nature of the White House’s ransomware taskforce sends a clear message to other nations that we are united as a nation to fight cyber terrorism.
We hope that the administration does not stop here. Cyber crime is an international plague, often crossing international boundaries. A global initiative to fight and curb cyber crimes requires collaboration of nations in ways not too dissimilar from nuclear proliferation treaties."
Adam Flatley, Director of Threat Intelligence, [redacted]
“The new stopransomware[.]gov site is a very welcome development. Having free resources to help prevent, prepare for, report, and respond to ransomware attacks all in one place will make it much easier for the most vulnerable organizations out there to improve their cybersecurity posture and get help in a crisis. This is especially true for those organizations who have budget constraints that force them to go it alone, which is the case for so many good, hard working folks.
For those who do have the budget for it, nothing can replace the value that you’ll get out of having cybersecurity professionals do a customized assessment to evaluate your network, policies, and procedures, and design custom solutions to prevent, detect, respond to, and recover from a ransomware event.”