- What is AI networking? How it automates your infrastructure (but faces challenges)
- I traveled with a solar panel that's lighter than a MacBook, and it's my new backpack essential (and now get 23% off for Black Friday)
- Windows 11 24H2 hit by a brand new bug, but there's a workaround
- This Samsung OLED spoiled every other TV for me, and it's $1,400 off for Black Friday
- How to Protect Your Social Media Passwords with Multi-factor Verification | McAfee Blog
Ransomware Task Force Urges Tighter Crypto Regulation
A taskforce of security industry experts has called for tighter regulation of the cryptocurrency sector in a bid to tackle the global ransomware epidemic.
Convened by the Institute for Security and Technology and trialled since last December, the Ransomware Task Force (RTF) is a team of over 60 experts from software companies, cybersecurity vendors, government agencies, non-profits, and academic institutions.
Its framework document makes five key recommendations to tackle the cyber-threat. The most eye-catching of these is that governments require cryptocurrency exchanges, crypto kiosks, and over-the-counter (OTC) trading ‘desks’ to adhere to the same regulatory standards as banks. That means following anti-money laundering (AML), Know Your Customer (KYC) and Combatting Financing of Terrorism (CFT) laws.
Other recommendations include that the US government “execute a sustained, aggressive, whole of government, intelligence-driven anti-ransomware campaign, coordinated by the White House.”
It emerged last week that a new Department of Justice taskforce will work to manage efforts across the federal government to disrupt C&C infrastructure, seize profits, coordinate training and intelligence sharing and more to try and disrupt ransomware groups.
The RTF also called for prioritized law enforcement efforts across jurisdictions and “a clear, accessible, and broadly adopted” international framework to help organizations prepare for, and respond to, ransomware attacks.
However, some security experts were skeptical about the RTF’s recommendations.
ImmuniWeb founder, Ilia Kolochenko, argued that even if cryptocurrencies were regulated, cyber-criminals would find ways to bypass regulations. Indeed, the current AML regulatory regime is widely seen to have failed.
“I’d rather suggest treating the root cause of ransomware: the widespread lack of basic cyber-hygiene,” Kolochenko argued.
“Even the largest organizations from regulated industries often fail to follow the basics: maintain an up-to-date asset inventory, implement risk-based and threat-aware security controls, perform continuous security monitoring and anomaly detection, conduct ongoing security training and awareness, maintain software and patch management programs, and to enforce centralized identity management.”
