Financial Times: US tech pushes for ransomware to be designated a national security threat

Financial Times, Hannah Murphy features Resilience’s Chief Claims Officer & Co-Chair of the Ransomware Task Force, Michael Phillips in “US Tech pushes for ransomware to be designated a national threat.

Groups including Microsoft and Amazon call for measures to tackle lucrative criminal enterprises.

Big US tech companies and officials are urging governments to designate ransomware as a national security threat in a push to combat a hacking epidemic that has cost businesses tens of millions of dollars.

Tech groups including Microsoft, Cisco, and Amazon, cyber security companies such as FireEye, and officials from the FBI and US Department of Justice have published a report calling for a number of measures to tackle the lucrative criminal enterprise.

Ransomware involves hackers seizing control of organizations’ computer systems or data by installing illicit software, and returning the assets only after a ransom has been paid.

The public-private Ransomware Task Force argued that such attacks should be deemed a national security threat, pointing to the risk to citizens from a relentless assault on hospitals, local authorities, and critical infrastructure.

‍It called on governments to create international coalitions to tackle the problem and to “exert pressure on nations that are complicit or refuse to take action”, for example through sanctions or by withholding aid or visas.

‍The calls came two weeks after the US Treasury accused one of Russia’s intelligence services, the FSB, of “cultivating and co-opting” EvilCorp, one of the most notorious ransomware groups. Many cybercriminals operate outside of the jurisdiction of US authorities.

‍“Ransomware, in particular, is a tremendous collective action problem for a lot of reasons,” said Michael Phillips, chief claims officer at cyber insurance group Resilience and a co-chair of the task force.

‍He cited “the increased nation-state competition in the digital space and nations that are either unable or unwilling to enforce laws preventing sophisticated cybercriminals from launching these attacks or creating an ecosystem that supports them”.

‍Last week, the US justice department set up its own initiative for tackling ransomware.

‍Ransomware attacks have become increasingly prevalent as criminals have used cryptocurrencies such as bitcoin to collect payment without being tracked. Hackers have also begun hiring out their expertise in what is known as “ransomware as a service”.

‍Attacks have also proliferated in part because of a culture of silence among cybercrime targets, with companies nervous about reputational damage and hesitant to disclose when they have been hacked, experts said.

‍Estimates of the damage from attacks vary, but the US justice department said that ransom demands averaged more than $100,000 and in some cases were “up to the tens of millions of dollars”.

‍This week, the Metropolitan Police of DC confirmed that it had been hacked after a ransomware gang said it had stolen 250 gigabytes of data from the force and were trying to extort it and its informants.

‍Among its recommendations, the task force report called for a government-created “ransomware recovery fund” to support victims as well as more targeted efforts to disrupt criminals’ digital infrastructure, such as the servers they might need to operate.

‍It also recommended greater government oversight of cryptocurrency exchanges, kiosks, and over-the-counter markets to ensure they followed “know-your-customer” and anti-money-laundering laws.

‍Kemba Walden, assistant general counsel at Microsoft’s Digital Crimes Unit and a member of the task force, said that authorities and the cyber security community needed to move from a “disjointed, parochial” stance to target bad actors “as the criminal syndicates that they are” in a lucrative industry.

‍“The tactic for countering it has to really be able to shift that balance — making it less profitable and more costly to enter,” she said.‍

About Resilience
Resilience provides comprehensive insurance coverage and patented cybersecurity tools to protect mid-market companies. By bringing together security, insurance, and recovery, Resilience goes beyond risk transfer to help clients become cyber resilient. Resilience Insurance, the cyber program manager of Intact Insurance Specialty Solutions – rated A+ by A.M. Best – leverages Cyber Meteorology, a proprietary data-driven risk analytics platform, to provide highly targeted coverage and allowing for superior claims experience. Resilience is backed by Lightspeed Venture Partners, Founders Fund, CRV, Intact Ventures, UL Ventures, and John Thompson, Chairman of Microsoft. For more information, visit and follow us on Twitter and LinkedIn.