Ransomware attacks are growing in popularity and have the potential to cause major disruption, especially when they hit hospitals or schools. In response, a Ransomware Task Force (RTF) is being created by a 19 companies, including Microsoft and McAfee.
As ZDNet reports, we won't see the RTF's presence on the web until January, but its intention is clear. The objective of the RTF is to create "a standardized framework for dealing with ransomware attacks across verticals, one based on an industry consensus rather than individual advice received from lone contractors." In other words, whenever a ransomware attack is discovered there should be an optimal way of dealing with it, and the RTF intends to figure out what that is.
The 19 companies signed up to the RTF so far include:
- Aspen Digital
- Citrix
- The Cyber Threat Alliance
- Cybereason
- The CyberPeace Institute
- The Cybersecurity Coalition
- The Global Cyber Alliance
- The Institute for Security and Technology
- McAfee
- Microsoft
- Rapid7
- Resilience
- SecurityScorecard
- Shadowserver Foundation
- Stratigos Security
- Team Cymru
- Third Way
- UT Austin Stauss Center
- Venable LLP
According to the Institute for Security and Technology, "This crime transcends sectors and requires bringing all affected stakeholders to the table to synthesize a clear framework of actionable solutions, which is why IST and our coalition of partners are launching this Task Force for a two-to-three month sprint." With that in mind, we should be looking for the first standardized guidance from RTF by April.
Typically, a ransomware attack sees a company scramble to find a security expert who can help, which ultimate means the quality of advice will vary depending on where you are in the world and how much a company is willing to pay for that help. Hopefully the RTF goes a long way towards rectifying the situation and could result in security companies around the world offering an RTF-endorsed ransomware response service to customers.