April 30, 2021
Ransomware Task Force Urges Creation of Ransomware Framework
The Institute for Security and Technology’s Ransomware Task Force (RTF) has announced a series of key recommendations aimed at helping public and private entities improve cybersecurity and cyber resilience with regard to ransomware. Datto CISO Ryan Weeks is a core member of the RTF, a broad coalition of more than 60 experts in industry, government, law enforcement, and international organisations coming together in the fight against ransomware.
A Comprehensive Framework for Action: Key Recommendations from the Ransomware Task Force, was published this week in an effort to help organisations combat the threat of ransomware. These are the goals outlined in the report.
- Deter ransomware attacks through a nationally and internationally coordinated, prioritised, and resourced comprehensive strategy;
- Disrupt the ransomware business model and decrease criminal profits;
- Help organisations better prepare for ransomware attacks; and
- Respond to ransomware attacks more effectively.
The 48 recommended actions provide guidance for addressing some of the root causes of the ransomware epidemic, including the low barrier to entry for intelligent cybercriminals, the difficulty of tracing cryptocurrencies, and the lack of law enforcement resources. This has created an environment of safe havens for threat actors.
MSPs and the state of ransomware
Ransomware attacks are a risk to organisations of all kinds and show no signs of slowing down. According to Datto’s Global State of the Channel Ransomware Report, 95% of MSPs state that their own businesses are increasingly being targeted and 78% of MSPs reported attacks against their small and medium businesses (SMB) clients in the last two years.
The report goes on to outline the industries most impacted by ransomware, including healthcare, cities and municipalities, and public education. This is worth noting, as MSPs serve these industries and their IT needs, including ransomware detection, prevention, and response. However, the RTF finds that MSPs do not commonly provide extensive security coverage or ransomware mitigation, but doing so would create a widespread positive impact for SMBs.
To further this effort, baseline requirements for MSPs include:
- Adherence with a cyber-hygiene program (for example, CIS Controls Implementation Group 1 and the NIST Cybersecurity Framework)
- Financial funding and support to help MSPs develop cyber resilience capabilities
- Stricter disclosures of the occurrence of ransomware incidents for increased transparency
- Formation of an MSP-ISAC, an information sharing and analysis center specific to the unique needs of the MSP industry
“MSPs continue to be on the frontlines of a cyberwar but need more support, and this report elevates this concern,” said Ryan Weeks, CISO at Datto. “The time for concerted, coordinated action is now. Datto is proud to have played a part in this groundbreaking coalition, and looks forward to the day when the threat of ransomware no longer looms over the heads of citizens, students, teachers, businesses, hospitals, and nations.”
To read the RTF’s full report, visit securityandtechnology.org/ransomwaretaskforce/report.