The impact of recent ransomware attacks on critical infrastructure in the United States has provoked a backlash from the prosecutor's office.
An internal letter states that all inquiries for ransomware should be centrally coordinated by a newly established working group in Washington.
According to Reuters, the internal letter he says:
"To ensure that we can make the necessary connections between national, global affairs and research, which will allow us to develop a comprehensive picture of the national and economic threats we face, we need to strengthen and consolidate our internal monitoring."
This model of research and collaboration is used in only a few areas of national concern better safety, e.g. terrorism. According to US officials, this shows how the ransomware issue is given immediate priority.
According to Reuters, this means that the researchers they should share details of the case and active technical information with a team leading the investigation from Washington. It also means they will have guidance from Washington on how to proceed. If the new model is implemented, it will likely lead to a better understanding of the ransomware landscape.
In his recent executive order to improve cyber security, President Biden has already pointed out that the United States is facing persistent and increasingly sophisticated cyber malware campaigns. The second part of the letter entitled "Removing barriers to the sharing of threat information" seems to be starting a new collaboration.
This is an international collaboration called Task Force Ransomware (RTF). It is a think tank consisting of more than 60 volunteer experts representing organizations, industries and governments. In his report (PDFRTF recommends that any ransomware be treated as a threat to national security.
"The attacks μέσω λογισμικού έχουν κλείσει επιχειρήσεις κρίσιμων εθνικών πόρων, συμπεριλαμβανομένων στρατιωτικών εγκαταστάσεων. Το 2019, μια επίθεση ransomware σταμάτησε τις επιχειρήσεις της Ακτοφυλακής των ΗΠΑ για 30 ώρες και τον Φεβρουάριο του 2020, μια επίθεση ransomware σε έναν φορέα εκμετάλλευσης αγωγών φυσικού αερίου διέκοψε τις επιχειρήσεις για δύο ημέρες. Οι επιθέσεις στο ενεργειακό δίκτυο, σε πυρηνικά εργοστάσια, εγκαταστάσεις processingof waste or to any number of critical assets could have catastrophic consequences, including human casualties.”