Intelligence-driven disruption of ransomware campaigns

By Neil Jenkins and Matthew Olney.

Note: Our guest co-author, Neil Jenkins, is the Chief Analytic Officer at the Cyber Threat Alliance. He leads the CTA's analytic efforts, focusing on the development of threat profiles, adversary playbooks and other analysis using the threat intelligence in the CTA Platform. Previously, he served in various roles within the Department of Homeland Security, Department of Defense, and Center for Naval Analyses, where he spearheaded numerous initiatives tied to cybersecurity strategy, policy and operational planning for both the public and private sectors.

As the headlines show, ransomware has become a threat to national security, life safety and critical infrastructure. As a result, the U.S. Department of Justice recently announced it would be giving ransomware attacks priority similar to that as terrorism. None of this is a surprise to the more than 60 experts who came together this year under the umbrella of the Ransomware Task Force (RTF), an effort to produce a comprehensive set of recommendations to international governments and private-sector partners on how to address this threat. In fact, the report — issued just days before the Colonial Pipeline attack — begins by saying, "Ransomware attacks present an urgent national security risk around the world."

As contributors to the report, we'd like to drill into the second priority recommendation issued by the group, calling for "...a sustained, aggressive, whole of government, intelligence-driven anti-ransomware campaign…" To a large extent, we have left the private sector to deal with the ransom ..

Support the originator by clicking the read the rest link below.