Why the reluctance to report ransomware attacks is hindering the fight against cyberattacks

Federal officials are urging more victims to report ransomware attacks to curb cyberattacks. Despite the formation of the Ransomware Task Force two years ago, a coalition of cybersecurity companies, public sector organizations, and federal agencies, ransomware attacks remain a significant challenge, with attacks seemingly becoming more severe and brazen. Cybersecurity stakeholders are concerned about the dearth of data related to the attacks and the attackers, which could inform some of the still unaddressed recommendations from the group’s 2021 report. One of the significant challenges is the reluctance of victims to report attacks, with only about 20% of those affected by the attacks reporting them. Stakeholders believe that if this number can move from 20-30% to up to 70-80%, better data collection can help inform new ways of disrupting ransomware efforts, extending how long the disruptions last, and ensuring that these disruptions are a foundational impact on the infrastructure of the people and the money laundering networks that make the actions possible.

Attitudes have, however, shifted slightly from whether or not to report attacks, to when to report them to law enforcement. Improved data led to the launch of newer programs such as the Cybersecurity and Infrastructure Security Administration’s pre-ransomware notification program, which has led to 150 notifications made to a range of entities to prevent attacks. Congress’ cybersecurity reporting legislation passed last year will also improve CISA’s data on attacks. The Ransomware Task Force updated its report on ways to encourage better reporting and data collection, recommending that the U.S. government consider incentives for reporting, citing the tax structures and incentives in the National Cybersecurity Strategy.

The U.S. government has made significant progress on the task force’s 2021 recommendations, with 92% of the 48 recommendations seeing some degree of action and 50% experiencing significant progress, including through legislation and policy adoption. To tackle the rising ransomware challenge, the U.S. government has launched an international coalition to combat ransomware criminals called the Counter Ransomware Initiative, with over 30 countries involved. In conclusion, there is still more work to be done to intensify efforts to prevent cyberattacks and ransomware, and stakeholders must continue to look for ways to encourage reporting and collect better data to unabatedly curb threats.

Cybersecurity.-cybersecurity,ransomware,databreach,incidentresponse,reporting,cybercrime,cyberdefense