The second meeting of the U.S. Joint Ransomware Task Force held on Wednesday assessed measures and efforts to address the impact and prevalence of ransomware attacks.

Jointly chaired by the Cybersecurity and Infrastructure Agency and Federal Bureau of Investigation, the JRTF was founded by Congress as an interagency body to strengthen efforts against the ongoing ransomware threat.

The task force discussed activities undertaken by working groups, including victim support. One working group is looking at standardizing and synchronizing federal engagement with ransomware victims to offer services and assess gaps to ensure that victims of ransomware incidents receive the necessary support to restore services.

Because there’s no such thing as a government agency that doesn’t like data, the meeting discussed collecting data and metrics that will improve the cybersecurity community’s collective understanding of ransomware and trends associated with actors, victims and impacts. The data will inform government actions to counter the threat of ransomware, provide more actionable guidance and evaluate progress.

Expanding operational collaboration was also on the agenda at the meeting. The need for intelligence sharing between JRTF members and nongovernmental partners was emphasized to prevent, detect and respond to evolving ransomware campaigns effectively. Examining and compiling lessons learned from recent ransomware incidents was highlighted as a way to address coordination gaps, increase information-sharing effectiveness and improve response and preparedness posture.

The meeting also discussed the need for campaign coordination, including organizing existing interagency campaigns to disrupt ransomware actors and strengthen national cyber defense against ransomware operations.

“The JRTF has unified capabilities and resources across the U.S. government to an unprecedented extent,” Eric Goldstein, executive assistant director for cybersecurity, CISA and co-chair of the JRTF, said in a statement. “We will continue to accelerate progress and work closely with partners across the cybersecurity community to drive measurable progress in reducing the prevalence of damaging ransomware events affecting American organizations.”

Commenting on the meeting, Adam Flatley, director of threat intelligence at cybersecurity provider Redacted Inc., told SiliconANGLE that “it’s good to see that the JRTF continues to solidify its mission and build processes to support that mission.”

“Both CISA and the FBI are well-positioned to do great things in the cyber defense space and important parts of the ransomware actor disruption space,” Flately added. “What remains to be seen is whether or not the JRTF will be properly empowered to truly leverage the whole of the US Government intelligence community to counter ransomware actors who operate from sanctuary in countries like Russia where many ransomware gangs reside.”

Image: TheDigitalArtist/Pixabay