The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) co-chaired the second meeting today of the Joint Ransomware Task Force (JRTF), an inter-agency body established by Congress to unify and strengthen efforts against the ongoing threat of ransomware. The first JRTF meeting was held in September 2022.
In today’s meeting, the JRTF reviewed efforts and actions aimed at reducing the prevalence and impact of ransomware incidents. JRTF members discussed activities undertaken by Working Groups, including:
- Victim Support: Standardizing and synchronizing federal engagement with ransomware victims to offer services and assess any gaps to ensure that victims of ransomware incidents receive the necessary support to restore services and minimize damage.
- Measurement: Collecting data and metrics that will improve the cybersecurity community’s collective understanding of ransomware affecting U.S. organizations and trends associated with actors, victims, and impacts, which will in turn inform U.S. government actions to counter the threat, provide more actionable guidance, and evaluate progress.
- Partner Engagement: Expanding operational collaboration and multi-directional intelligence sharing between JRTF members and non-governmental partners including the private sector and the international community to more effectively prevent, detect, and respond to evolving ransomware campaigns.
- Continuous Improvement: Examining and compiling lessons learned from recent ransomware incidents in key sectors to address gaps in coordination, increase effectiveness of information sharing, and improve the federal government’s response and preparedness posture.
- Intelligence Integration: Leveraging the intelligence collection capabilities of all partners, process intelligence community analysis, and manage intelligence engagement with international partners to drive the planning and execution of synchronized JRTF operations.
- Campaign Coordination: Organizing existing interagency campaigns to disrupt ransomware actors and strengthen national cyber defense against ransomware operations, while also collaborating with relevant partners on new campaigns efforts.
“The task force has already made important strides in creating a foundation and unifying efforts to advance our shared efforts against ransomware threats,” said Eric Goldstein, Executive Assistant Director for Cybersecurity, CISA, and Co-Chair of the JRTF. “The JRTF has unified capabilities and resources across the U.S. government to an unprecedented extent. We will continue to accelerate progress and work closely with partners across the cybersecurity community to drive measurable progress in reducing the prevalence of damaging ransomware events affecting American organizations.”
“The FBI is determined to leverage our unique capabilities to combat the ransomware threat alongside our federal partners,” said Bryan Vorndran, Assistant Director of FBI Cyber Division and Co-Chair of the JRTF. “The JRTF demonstrates how the FBI sees cyber as the ultimate team sport and remains committed to public and private partnerships integral to dismantling ransomware networks and holding criminal actors accountable.”
