The U.S. DOJ, Europol, the U.K. National Crime Agency along with Amazon, Cisco, FireEye, McAfee, Microsoft other firms delivered an anti-ransomware plan to the Biden administration. In part, the plan would put more pressure on crypto markets, the favorite payment method, by requiring cryptocurrency exchanges to implement “know your customer” procedures.
More critical in my opinion is to use the tools we have more effectively. The plan includes the creation of a federal cyber response team. Using AI-based crypto analytic tools the ransom could be tracked and then the problem becomes one of law enforcement which is difficult when state actors are involved:
“Many of the recommendations in the Ransomware Task Force report are what you might expect, such as encouraging voluntary information sharing on ransomware attacks; launching public awareness campaigns on ransomware threats; exerting pressure on countries that operate as safe havens for ransomware operators; and incentivizing the adoption of security best practices through tax breaks.
A few of the more interesting recommendations (at least to me) [Brian Krebs] included:
-Limit legal liability for ISPs that act in good faith trying to help clients secure their systems.
-Create a federal “cyber response and recovery fund” to help state and local governments or critical infrastructure companies respond to ransomware attacks.
-Require cryptocurrency exchanges to follow the same “know your customer” (KYC) and anti-money laundering rules as financial institutions, and aggressively targeting exchanges that do not.
-Have insurance companies measure and assert their aggregated ransomware losses and establish a common “war chest” subrogation fund “to evaluate and pursue strategies aimed at restitution, recovery, or civil asset seizures, on behalf of victims and in conjunction with law enforcement efforts.”
-Centralize expertise in cryptocurrency seizure, and scaling criminal seizure processes.
-Create a standard format for reporting ransomware incidents.
-Establish a ransomware incident response network.”
Overview by Tim Sloane, VP, Payments Innovation at Mercator Advisory Group