5 urgent actions in the fightback against ransomware

(Credit: Unsplash)

This article is brought to you in association with the European Commission.

• Criminal organizations are using ransomware to exploit vulnerabilities during the pandemic.

• Ransomware attacks have both a financial and a human cost.

• 65 business, non-profit and government organizations have banded together to form the Ransomware Task Force.

With the world still reeling from the effects of COVID-19, bad actors are stepping up efforts to capitalize on the global unrest with varying degrees of success. None have found so much success – and caused so much damage – as the criminal enterprises that have employed ransomware to threaten industry, commerce, education and lives in ways that transcend geopolitical boundaries.

Members of the World Economic Forum are familiar with how ransomware works, as criminals deploy malware that encrypts data on a victim’s IT network, making it inaccessible to them until a ransom is paid – often in the form of cryptocurrency. What many are not aware of is just how pervasive this activity has become, and how destructive it is in terms that go well beyond financial losses.

The average ransom paid by victimized organizations has more than doubled in the COVID-19 era, reaching $312,493 last year, according to the 2021 Unit 42 Ransomware Threat Report. Those figures tell just part of the economic story, as the cost of system downtime and recovery often eclipses the ransom payment. And the human toll is even more dire. Ransomware stops hospitals, educational institutions and governments from operating effectively, or it sometimes shuts them down entirely for days or weeks.

During a ransomware attack, IT administrators often struggle to recover data and restore operations, while employees are idle. Meanwhile, senior leaders engage in intense internal deliberations, debating whether to pay the ransom or tough it out through the remediation process. In the interim, patients in hospitals lose access to chemotherapy doses and operations are delayed. Logistics providers find themselves unable to deliver COVID-19 vaccines. Children go uneducated. And municipal and regional governments stop providing basic services.

This toll on society is why global leaders must act.

Thankfully, they are doing so. More than 65 software companies (including some longstanding and fierce competitors), cybersecurity vendors, government agencies from US and European countries, non-profits and academic institutions have joined forces to tackle this insidious threat. Under the moniker of the Ransomware Task Force (RTF), this group of industry leaders has developed a clear, structured set of recommendations that, if resourced and implemented, could rapidly reduce the impact of ransomware on society.

Their names are familiar to anyone who has gathered in Davos: Microsoft, Amazon Web Services, Palo Alto Networks, Rapid7 and McAfee, just to name a handful. These businesses have provided workhorses, not show horses, collaborating to fight a problem that is simply too endemic for any one company, industry or government to mitigate on its own. The fact that they have come to that collective realization speaks volumes about the size of this effort.

The Task Force’s recommendations, published in a recent report entitled Combating Ransomware: A Comprehensive Framework for Action, outline actions that governments, businesses and non-profits can take to deter ransomware criminals and disrupt their business model. While the report directs many of its recommendations at the US government due to task force members’ strong connections there, the report also calls on other national governments and industries to work together as part of a global, collaborative effort to stem the tide of these attacks.

The primary objective of these actions is to deter ransomware criminals; help organizations prepare for and defend against attacks; undermine the practices that make ransomware so lucrative; and respond to ransomware attacks more effectively.

While there are too many recommendations in the 81-page report to list here, the RTF identifies five critical and urgent actions that form the backbone of its comprehensive framework:

1. International diplomatic and law enforcement agencies must declare ransomware a priority and carry out a comprehensive and resourced strategy, which would include measures to prevent nation states from providing safe haven to ransomware organizations.

2. The White House should coordinate an aggressive, sustained and intelligence-driven “whole-of-government” operational campaign, working more closely together with private industry and other governments, to fight ransomware.

3. Governments need to create cyber response and recovery funds; require that businesses and other organizations report ransom payments; and mandate that organizations consider alternatives before making payments.

4. The international community should coordinate efforts to develop a single, widely adopted Ransomware Framework that will help organizations prepare for and respond to ransomware attacks.

5. Governments must regulate the cryptocurrency sector more closely, and ensure exchanges, kiosks and over-the-counter trading desks comply with existing regulations, including know your customer, anti-money laundering, and combatting financing of terrorism laws.

If enacted together, these steps would result in immediate and longer-term benefits, and show cybercriminals that ransomware is no longer an easy and safe strategy for financial gain.

What is the World Economic Forum doing on cybersecurity

The World Economic Forum’s Centre for Cybersecurity is leading the global response to address systemic cybersecurity challenges and improve digital trust. We are an independent and impartial global platform committed to fostering international dialogues and collaboration on cybersecurity in the public and private sectors. We bridge the gap between cybersecurity experts and decision makers at the highest levels to reinforce the importance of cybersecurity as a key strategic priority. https://www.youtube.com/embed/3JY4BZfV_LA?enablejsapi=1&wmode=transparent World Economic Forum | Centre for Cybersecurity

Our community has three key priorities:

Strengthening Global Cooperation – to increase global cooperation between public and private stakeholders to foster a collective response to cybercrime and address key security challenges posed by barriers to cooperation.

Understanding Future Networks and Technology – to identify cybersecurity challenges and opportunities posed by new technologies, and accelerate forward-looking solutions.

Building Cyber Resilience – to develop and amplify scalable solutions to accelerate the adoption of best practices and increase cyber resilience.

Initiatives include building a partnership to address the global cyber enforcement gap through improving the efficiency and effectiveness of public-private collaboration in cybercrime investigations; equipping business decision makers and cybersecurity leaders with the tools necessary to govern cyber risks, protect business assets and investments from the impact of cyber-attacks; and enhancing cyber resilience across key industry sectors such as electricity, aviation and oil & gas. We also promote mission aligned initiatives championed by our partner organizations.

The Forum is also a signatory of the Paris Call for Trust and Security in Cyberspace which aims to ensure digital peace and security which encourages signatories to protect individuals and infrastructure, to protect intellectual property, to cooperate in defense, and refrain from doing harm.

For more information, please contact us.

The ongoing efforts within the World Economic Forum’s Partnership Against Cybercrime strongly position members to lead the implementation of many of these recommendations. Indeed, World Economic Forum members are uniquely positioned to do so, and have the means and influence to help wage this battle. The RTF’s report should be the beginning of a global conversation that extends through the World Economic Forum Special Annual Meeting 2021 in Singapore, with the world joining forces to mitigate a problem that threatens us all.

the sting Milestones

Featured Stings

Can we feed everyone without unleashing disaster? Read on

These campaigners want to give a quarter of the UK back to nature

How to build a more resilient and inclusive global system

Stopping antimicrobial resistance would cost just USD 2 per person a year

This farmer used an age-old technique to save his soil and now his farm is prospering

Stronger partnerships with post-conflict countries needed to ensure ‘path towards durable peace’: UN chief

EU consumer rules: Airbnb cooperates with European Commission and EU consumer authorities improving the way it presents offers

Assembly President launches new initiative to purge plastics and purify oceans

To feed 10 billion people, we must preserve biodiversity. Here’s how

Fragile countries risk being ‘stuck in a cycle of conflict and climate disaster,’ Security Council told

State aid: Commission approves €1.4 billion Swedish scheme to support uncovered fixed costs of companies affected by coronavirus outbreak

Women’s rights: MEPs call for action to fight backlash against gender equality

Tax crimes: MEPs want EU financial police force and financial intelligence unit

Reusable packaging: 6 benefits beyond sustainability

Our present and future tax payments usurped by banks

Aviation Safety: Commission adopts new EU Air Safety List

This is how COVID-19 is affecting informal workers

Eurozone stagnates after exporting its recession to trading partners

Juncker Plan reaches almost €410 billion in triggered investment across the EU

Technology can transform clinical practice – here’s how

Knowledge management and entrepreneurship: short term vs. long term perspective

The Cold War had an unintended side effect: It created a European wildlife paradise

‘Counter and reject’ leaders who seek to ‘exploit differences’ between us, urges Guterres at historic mosque in Cairo

MWC 2016 LIVE: Xiaomi looks to revive growth with flagships

How our food system is eating away at nature, and our future

Medical workforce migration in Europe – Is it really a problem?

Four things workers want implemented by their bosses post-pandemic

‘Unlock opportunities’ and pave the way for sustainable development, UN chief urges on World Population Day

This Japanese experiment shows how easily coronavirus can spread – and what you can do about it

EU and Georgia sign Financing Agreements for COVID-19 Recovery worth €129 million

Security Council urges countries to factor child protection into conflict prevention efforts

Peer-to-peer learning: a way to develop medical students’ trainings

The Fourth Industrial Revolution is driving Globalization 4.0

MEPs demand safe and clean travel

3 ways to stop COVID-19 from drying up start-up talent pools

European Business Summit 2015: In search of a vision for the future

Apple® logo (copyright: Apple)

Apple takes further step into music: EU Regulators formally approve its planned Shazam acquisition

How do we upskill a billion people by 2025? Leadership and collaboration will be key

Palliative care: an indispensable component for a better quality of life

Idea of ‘homogenous’ Polish culture is a myth: UN human rights expert

Unity, regional cooperation and international support needed for Horn of Africa to develop sustainably

How we can work together in the fight against NCDs

The first-ever climate telethon has raised $2.6 million for new forests

Parliament approves seven-year EU budget 2021-2027

Anti-terror measures against youngsters’ online posts ‘linked to spike in child detention globally’

Hiring more female leaders is good for profits. Here’s the evidence

More than nine in ten children exposed to deadly air pollution

How the world’s best teacher is changing lives in Africa

Coronavirus: Commission approves contract with BioNTech-Pfizer alliance to ensure access to a potential vaccine

Mindfulness: a freedom we can still have in the pandemic

Obama turns the G20 summit into warmongering platform

Cheese energy could power hundreds of UK homes

COVID-19: MEPs fear impact on justice system and threat to rule of law

Greek citizens to pay the price again but Tsipras risks losing next elections

5 lessons for community-focused planning during a pandemic

The challenge to be a good healthcare professional

Mental health In Times of a Pandemic: What can each Individual to lessen the Burden.

WHO and UNICEF in campaign to protect 1.6 million in Sudan from cholera

UN ready to rise above political fray and help Venezuelans based ‘on need, and need alone’

Commission notifies the Republic of Panama over the need to step up action to fight against illegal fishing

This man is helping explorers carry out scientific research at the ends of the Earth

CLIMATE CHANGE FOCUS: Cows, coffee and sustainable farming

“Smoking steam instead of tobacco, are the E-cigarettes a safer alternative?”

Wages are flatlining around the world – is automation to blame?

More Stings?

Speak your Mind Here

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s