Ransomware Task Force Co-Chairs propose a strategic roadmap to potentially prohibit ransom payments. The memo underscores the need for a multi-year approach, emphasizing the importance of concurrent efforts across four lines of effort: ecosystem preparedness, deterrence, disruption, and response.
Under the first line of effort, organizations are urged to enhance their preparedness by adopting a national Ransomware Framework and raising awareness through national campaigns. Financial incentives and mandates for baseline security measures are also proposed to bolster organizational resilience.
In terms of deterrence, governments are advised to issue formal statements through diplomatic channels and establish international law enforcement partnerships to target ransomware criminals. Interagency working groups and joint task forces are recommended to coordinate government disruption activities effectively.
To improve disruption capabilities, governments should enforce existing laws on cryptocurrency entities and engage in regular, sustained disruptive actions on ransomware criminal infrastructure. Victim data aggregation in the cyber insurance market is highlighted as a valuable resource to support law enforcement efforts.
In preparation for potential payment prohibitions, governments are encouraged to enact ransomware emergency response authorities, engage with insurer consortiums to reflect prohibition in insurance contracts, and mandate reporting of ransomware incidents to the federal government.
