Representatives from CISA, the FBI, the DOJ, cybersecurity companies, and the private sector held their first meeting last week as part of the Joint Ransomware Task Force (JRTF), an inter-agency project launched earlier this year by the US Congress through CIRCIA to counter and fight against the rising threat posed by ransomware attacks.
😎Cool News! @CISAgov is kicking off the Joint Ransomware Task Force as est. in CIRCIA, to be co-led by CISA & @FBI. Psyched to announce this during my chat w/@marcwrogers @IST_org’s event today! Big 🙏to IST #RansomwareTaskForce for your leadership & partnership. Let's do this! pic.twitter.com/7f0nkOvYhM
— Jen🛡Easterly (@CISAJen) May 20, 2022
The meeting, headed by CISA and FBI officials, focused on establishing a set of primary goals on which the JRTF members will focus their upcoming efforts.
According to a CISA press release of the meeting’s minutes, the Task Force plans to take both an offensive and defensive approach to dealing with this uniquely modern problem.
On the offensive side, the JRTF plans to put together “a list of highest threat ransomware entities” and then prioritize “operations to disrupt specific ransomware actors.”
On the defensive side, the JRTF said it plans to collect and analyze ransomware trends and then work with federal and private sector entities “to increase adoption of defensive measures to reduce the prevalence of successful ransomware intrusions.”
Eric Goldstein, Executive Assistant Director for Cybersecurity, CISA, and Co-Chair of the JRTF, said these were “necessary steps to synchronize [their] efforts” for “a future where ransomware no longer afflicts American organizations.”
The announcement is bound to please many members of the cybersecurity community, many of which have detailed dossiers on most ransomware gangs and their members, and have long called for a more proactive approach in going after these gangs, be it through formal criminal cases or by forcing server infrastructure offline.
But how quickly JRTF’s crackdown on top ransomware gangs will come is another topic of discussion, mainly because this is a mammoth coordination effort, the project is still new, and bureaucracy is still king.