The UK’s National Cyber Security Centre has announced that it will be working with the Ransomware Task Force, with the aim of developing a framework to overcome the increasing threat of ransomware worldwide.

What is the Ransomware Task Force?

The Ransomware Task Force (also known as the RTF) was formed early this year by a US-based team of participants. These participants came together from a diverse range of sectors and industries, including government agencies, cybersecurity firms, financial services companies, academic institutions and non-profit organisations. Some big household names are involved in the development of the new framework, such as Microsoft, Amazon and the FBI. It’s clear that the threat of ransomware is now being taken extremely seriously, and the RTF has already submitted a list of more than 50 key recommendations to President Biden’s administration.

Why is ransomware now considered such a threat?

While it’s true that ransomware attacks have been around for many years now, they have recently increased exponentially in both frequency and scope. Cyber criminals are now commonly targeting key components of state infrastructure, such as local councils, schools and hospitals, with the RTF saying that “ransomware has become a serious national security threat and public health and safety concern”. Cyber criminals are now threatening to publicly release stolen personal data if ransoms are not paid, making this an issue that now has the potential to affect every one of us, not just business or organisation leaders.

The UK has seen a significant rise in ransomware attacks, with the NCSC reporting an unprecedented threefold increase in the number of ransomware attacks tackled in 2020. Hackney Borough Council was one of those affected in 2020, with the costs of the damage caused expected to exceed £10 million and take many months to remedy.

Worrying figures

Meanwhile, in the USA the FBI estimates that almost 2,400 businesses, local governments, healthcare facilities and schools were targeted by cyber criminals using ransomware. RTF research also found hundreds of similar attacks took place around the world. While the perceived stigma and subsequent secrecy that often accompany a ransomware attack mean that it can be very difficult to get a true picture of the number of crimes taking place, cyber security firm Emsisoft puts the global costs in 2020 between a minimum $42 billion and a staggering $170 billion. These costs include a total of the many factors that can make a ransomware attack so ruinous for those affected, such as interruption to normal operations and ransom payments.

Indeed, a survey carried out by Veritas Technologies found that 66% of those targeted pay the ransom demanded, either in part or in full. The RTF report has therefore included the recommendation that governments make it mandatory for organisations to report such ransom payments, as this will help to clarify the scale of the problem.

The RTF plan

The objectives set out by the RTF are designed to deter and disrupt the cyber criminals (including potentially state-sponsored parties) from carrying out ransomware attacks, while simultaneously helping to ensure that organisations around the world are prepared for such an attack. The framework that they have developed has drawn on all of the expertise found in their partnering organisations, in order to determine best practices across a range of sectors, targeting gaps in solution application and identifying solutions at all stages of the ransomware kill chain.

How the UK is reacting to the threat

Following the surge in ransomware attacks seen in 2020, particularly on the NHS and schools that were already struggling to operate in the face of the Covid pandemic, the UK government brought in some key initiatives. These initiatives include the NCSC’s Early Warning Service and Active Cyber Defence measures. Hopefully, in conjunction with adopting the recommendations laid out in the RTF framework, the UK can start to effectively fight back against the cyber criminals.