Cyber security news for all

    Ransomware Payments Exceed $1 Billion in 2023, According to New Report

    Ransomware attacks have escalated in frequency and magnitude, crossing the $1 billion threshold in total payments for the first time in 2023, as detailed in the latest report from the Ransomware Task Force (RTF) published on Wednesday.

    The report, titled “Doubling Down,” spans 36 pages and was released in April 2024. It underscores the persistent menace of ransomware despite extensive countermeasures by various sectors, including government bodies, civil society, technical groups, and the private sector.

    Originating from the Institute for Security and Technology (IST)—a think tank based in California—the report follows up on the “Combating Ransomware: A Comprehensive Framework for Action” from 2021. It notes modest advancements against an array of significant, lingering challenges.

    Of the 48 recommendations initially proposed in the 2021 document, the new report reveals that only half have been substantially acted upon. Twenty remain in early stages of implementation, while four have not been addressed at all.

    The IST is advocating for intensified efforts to enact the outstanding recommendations, especially those that necessitate legislative measures by the U.S. government. “Although governments have set commendable systems in place, our evaluation indicates that the United States is not fully leveraging these mechanisms,” the report states.

    To highlight and promote action on these unmet recommendations, the IST has initiated the “#24in24” campaign, coinciding with the report’s release and a special event on Wednesday on the X platform.

    The day-long event features five discussion panels, three keynote speeches, and two fireside chats with 42 specialists from the ransomware sector. It aims to focus on the remaining 24 recommendations and strategies to enhance national and international efforts against ransomware threats.

    Discussion at the event will also address tactics to dismantle the ransomware business model, decrease criminal profits, enhance organizational preparedness against attacks, and improve response effectiveness to such incidents.

    The report includes alarming statistics from 2023, noting a 37% surge in ransomware attacks on critical infrastructure as reported to the FBI compared to the previous year. Overall, ransomware incidents rose by approximately 18%, costing victims over $1 billion in cryptocurrency payments.

    Google’s statistics indicate that in 2023, four ransomware groups exploited six zero-day vulnerabilities affecting products like MOVEit and GoAnywhere file-transfer services, Citrix networking products, and PaperCut print management software, each creating hundreds of victims.

    Furthermore, security firm Sophos noted that 25% of the ransomware attacks in the financial sector involved both data encryption and data exfiltration.

    Areas still in need of action, as highlighted by the RTF, include harmonizing incident reporting mechanisms to reduce the burden on victims, expanding international cooperation through better information sharing, and enhancing efforts to deter and disrupt attacks.

    The RTF is urging governments to adopt concrete measures to curb ransomware profitability and to promote collaboration between the public and private sectors and U.S. government cybersecurity agencies like the National Institute of Standards and Technology (NIST) and the Cybersecurity and Infrastructure Security Agency (CISA). Additionally, it calls for increased financial commitments for preparedness and response.

    Achieving significant disruption of ransomware activities on a large scale will require concerted efforts from all involved parties—governments, civil society, and the private sector. The RTF emphasizes the necessity for greater government transparency in addressing ransomware, given the high stakes of national security, economic impact, and disruption to critical services.
