US agencies announce initiatives to crack down on ransomware
The Cybersecurity and Infrastructure Security Agency on Friday said it plans to convene a Joint Ransomware Task Force, while the Department of Justice announced it is launching two international initiatives aimed at tracking illegal cryptocurrency transfers and disrupting “top tier” cyber actors.
The announcements were made by top government officials at an Institute for Security and Technology event held to mark the one-year anniversary of the Ransomware Task Force — a public-private initiative that brought together dozens of experts from law enforcement agencies, cybersecurity firms, and civil society organizations. The event featured keynotes and commentaries from National Cyber Director Chris Inglis, the current and former directors of CISA, and Deputy Attorney General Lisa Monaco, highlighting how ransomware has become a top priority across the government.
CISA director Jen Easterly said the Joint Ransomware Task Force, which was called for in the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), would be led by Eric Goldstein, CISA’s executive assistant director for cybersecurity, and Bryan Vorndran, assistant director of the FBI’s Cyber Division. CIRCIA became law in March as part of the omnibus spending bill.
“Given what’s in that legislation and what the Task Force is envisioned to do — there’s a lot of disruption of ransomware actors [including] infrastructure, finances — I thought it was really important that the FBI co-chairs,” Easterly said, adding that the group will hold its first official meeting sometime in the next few months. “It’s very likely that industry is going to see a cyberattack on the homeland before we see it. … We have to be in the same room, we have to trust each other.”
The Department of Justice is also rolling out two initiatives that would help disrupt ransomware actors and confiscate their funds. An international virtual currency initiative will crack down on illegal cryptocurrency transactions, Monaco said.
“This initiative will allow for more joint international law enforcement operations, more eyes from multiple law enforcement agencies around the world to follow the money through the blockchain,” Monaco said. “It will also foster, we hope, responsible regulation and anti-money laundering requirements to root out the abuse of these technologies.”
Additionally, the DOJ will create a new cyber operations international liaison position to work with U.S. prosecutors and European law enforcement officials to “up the tempo of international operations against top tier cyber actors, including arrests, extraditions, asset seizures and working together to dismantle infrastructure,” Monaco said.
The initiatives are the latest moves made by the government to combat a surge in ransomware, which has become a top cybersecurity concern for healthcare organizations, corporations, schools, and a wide range of other organizations. Of the 48 recommendations made by the Ransomware Task Force in its report last year, 12 have seen progress while steps have been taken on 29 others.
But ransomware actors continue to up the ante — in recent weeks, groups have hit universities, media giants, and even threatened to “overthrow” Costa Rica’s government if a $20 million ransom demand isn’t paid.