Cybersecurity experts have expressed their approval of the recommendations put forth in a new ransomware report by a collaboration of big tech companies and law enforcement agencies. However, they emphasize that addressing the ransomware threat must start with improving cyber-hygiene practices.
The Ransomware Task Force (RTF), comprised of over 60 experts from various sectors including software companies, cybersecurity vendors, government agencies, non-profits, and academic institutions, has proposed five key recommendations to combat ransomware. One standout recommendation is the call for governments to enforce regulatory standards on cryptocurrency exchanges and trading platforms similar to those imposed on banks, such as anti-money laundering (AML), Know Your Customer (KYC), and Combatting Financing of Terrorism (CFT) laws.
Additionally, the RTF suggests that the US government should lead a coordinated anti-ransomware campaign driven by intelligence efforts. A new Department of Justice taskforce has also been established to disrupt ransomware groups by managing efforts to disrupt command and control infrastructure, seize profits, and coordinate intelligence sharing across federal agencies.
While some experts are skeptical about the effectiveness of regulating cryptocurrencies in preventing ransomware attacks, others believe that focusing on improving cyber-hygiene practices within organizations is key. Ilia Kolochenko, founder of ImmuniWeb, argues that the root cause of ransomware lies in the lack of basic cybersecurity practices, such as maintaining up-to-date asset inventories, implementing security controls based on risk and threats, and conducting regular security training and awareness programs.
Carl Wearn, head of e-crime at Mimecast, emphasizes the importance of regular cybersecurity training in building employee awareness and understanding of their role in protecting organizations from cyber threats. Fedor Sinitsyn, a security expert at Kaspersky, highlights the evolving landscape of ransomware attacks targeting enterprises and stresses the need for businesses to adopt comprehensive security practices to safeguard their data.
In conclusion, while the efforts of the Ransomware Task Force are commendable, it is crucial for organizations to prioritize cybersecurity measures, including regular training, awareness programs, and comprehensive security practices, to mitigate the growing threat of ransomware attacks.