“Overall, as with last year, we remain optimistic that stakeholders will persist in the fight to combat ransomware.”
However, the RTF said that it will take awhile for the government and private sector to create a better process for sharing ransomware information, such as a standard format for ransomware incident reporting. In the meantime, the security industry needs to encourage voluntary sharing, according to the report.
The RTF cited several other roadblocks that remain in disrupting the ransomware landscape. The adoption of baseline security practices among businesses – especially small and medium-sized ones – continues to be slow. While the government can play a role in providing resources, awareness campaigns and tabletop exercises to promote the adoption of security best practices, other organizations across the industry, such as cyber insurers, can also develop incentives for businesses in improving their security. Meanwhile, other incentives, including ones to discourage ransom payments by small or medium-sized organizations hit by ransomware, can encourage businesses to make more informed decisions if they do fall victim.
The ransomware threat landscape in general has continued to evolve over the past year. The use of ransomware in data theft and extortion campaigns was down 20 percent last year as attackers instead turned to threatening data leaks rather than encrypting data, for instance. The average lifespan of ransomware strains in 2022 was also down (from 265 days in 2020 to 70 days in 2022).
“Overall, as with last year, we remain optimistic that stakeholders will persist in the fight to combat ransomware,” according to the RTF. “Progress improved significantly over the past year, and when combined with progress in the first year, these collective acts should begin to pay higher dividends in terms of reducing the impact of ransomware incidents as well as bringing additional, global stakeholders into this effort. In the coming year we expect to gain even further ground and continue to build the coalition combating ransomware.”