Cybersecurity officials from Amazon, Microsoft, the FBI and other major tech and government agencies are insisting the U.S. double down on ransomware protections as attacks against healthcare and government organizations escalate, according to an April 30 Wall Street Journal report.
A working group composed of dozens of technology companies and representatives from the FBI, Department of Homeland Security and the U.S. Secret Service published a report April 29 describing the threat ransomware is posing to the country as well as changes to combat it.
“[Ransomware has] risen to the level of a national security threat," said Philip Reiner, CEO of cybersecurity nonprofit Institute for Security and Technology, according to the report. "And when that is understood and accepted, that means you can shift priorities, for instance, within the intelligence community or within law enforcement."
The report cited an October 2020 ransomware attack on the University of Vermont Medical Center as one of the latest victims of the escalation in ransomware attacks; at the time, the hospital said it cost about $1.5 million each day its systems were down.
The working group also recommends treating ransomware gangs like most major criminal organizations by expanding the Racketeer Influenced and Corrupt Organizations Act to target ransomware gangs as well as tightening regulations of cryptocurrency markets, which are often used to facilitate ransomware payments.
One of the major issues with fighting ransomware, Mr. Reiner said, is that gangs are often located in jurisdictions that don't have extradition agreements with the U.S. These cybercriminals might also have support from other governments, which means the U.S. must pursue diplomatic-level efforts in tandem with other legal and economic actions to resolve attacks.