The White House on Thursday announced a flurry of actions launched by a new interagency task force to combat ransomware.
The updates on the White House’s plan to tackle ransomware comes on the heels of the third major ransomware attack to pose a serious threat to the U.S. national security in as many months. The Russia-tied group REvil hit Florida-based IT firm Kaseya earlier this month, potentially affecting more than 1,500 companies. The group’s websites recently went dark for reasons that are still unclear.
A senior administration official declined to comment on whether the United States has or will take action against the group.
Chief among the White House task force’s new efforts is to cut groups like REvil off from virtual currencies, which they use to collect ransom from victims and sell services to affiliates.
The Treasury Department will support the implementation of money laundering requirements for virtual currency exchanges and building partnerships with the industry to track the currency in real time. The Financial Crimes Enforcement Network will announce a new public-private information sharing group that will include financial institutions, technology firms, third-party service providers and federal government agencies.
Many of the recommendations align with those made in April by a nonprofit task for comprising than 60 experts from industry, government, nonprofits and academia. White House officials and members of Congress have held meetings with members of the task force to discuss the report in recent weeks.
“The exploitation of virtual currency to launder ransomware proceeds is without question, facilitating ransomware,” a senior administration official told reporters. “There’s inadequate international regulation of virtual currency activity, which is a key factor in how cybercriminals are able to launder their funds, demand ransomware payments and fuel sophisticated cybercrime as a service business model.”
The Treasury Department is working toward international virtual currency standards under the G7’s Financial Action Task Force and has been reaching out to foreign governments about building capacity for international oversight, the senior official noted. The agency is also exploring expanded partnerships with cybersecurity insurers who are struggling under the weight of increased ransomware attacks, the official said.
While the task force is currently exploring what can be done to tackle the cryptocurrency problem with existing regulations and voluntary authorities, the senior official didn’t rule out the possibility of the need for more.
The focus on cryptocurrency is aimed at giving the United States more visibility into ransomware activity.
“One key gap we do have in the U.S. is really full visibility into ransomware activity, which is important in order to give us the data we need for law enforcement efforts, for disruptive efforts, for thoughtful policy efforts that are really built on an understanding of the ransomware ecosystem,” the official said.
Other tracks being pursued by the task force include working with public and private partners to promote resilience against ransomware and requiring reporting of ransomware incidents and payments. The State Department will offer up to $10 million for tips that lead to the identification of state-sponsored hacking against critical infrastructure.
Government officials also continue to work on benchmarks set by a May executive order to improve security standards for software used by the government. So far benchmarks set in the report have been met on time or ahead of time, the official said.