Fed Ransomware Task Force Focuses on State, Local Collaboration


The Federal government’s Joint Ransomware Task Force (JRTF) came together for its inaugural meeting to discuss new initiatives aiming to collaborate with state, local, tribal, and territorial entities to protect against ransomware intrusions and disrupt malicious actors.

The Cybersecurity and Infrastructure Security Agency (CISA) co-chaired the meeting with the Federal Bureau for Investigation (FBI) nearly four months after CISA Director Jen Easterly announced the formation of the JRTF – an interagency body established by Congress to strengthen efforts against the ongoing threat of ransomware.

The task force’s plans were originally outlined in the Cyber Incident Reporting for Critical Infrastructure Act of 2022, which was signed into law earlier this year.

“Significantly reducing the prevalence and impact of ransomware intrusions requires deep collaboration and coordination across the public and private sectors,” Eric Goldstein, executive assistant director for cybersecurity at CISA, and co-chair of the JRTF, said in a press release.

“With our close partners at the FBI and other government agencies and benefiting from the expertise and capabilities of the private sector, this task force will take the necessary steps to synchronize our efforts and implement actions that can help lead to a future where ransomware no longer afflicts American organizations,” he added.

According to the release, the JRTF will unify existing efforts to combat ransomware as well as establish new actions to effectively leverage the unique authorities and capabilities across government and the private sector.

At the meeting, agencies discussed how the task force can be utilized to improve coordination and make measurable progress in addressing the ongoing ransomware threat. They pinpointed four key actions:

  • Prioritizing operations to disrupt specific ransomware actors;
  • Facilitating collaboration between Federal entities, private sector and state, local, tribal, and territorial entities to improve actions against ransomware threats, including efforts to increase adoption of defensive measures to reduce the prevalence of successful ransomware intrusions;
  • Identifying a list of highest threat ransomware entities updated on an ongoing basis; and
  • Collecting, sharing, and analyzing ransomware trends.

“The FBI’s commitment to combating the ransomware threat has never wavered and continues to be a top focus,” said FBI Assistant Director of Cyber Division Bryan Vorndran, who also serves as co-chair of the JRTF. “The Joint Ransomware Task Force signifies the FBI’s continuance to ensure safety, security, and confidence in a digitally connected world, and we’re looking forward to coordinating the threat with a whole-of-government approach.”

The task force’s first meeting followed the news that the Los Angeles Unified School District was hit by a ransomware attack. CISA then released a Cybersecurity Advisory to warn the education sector about the frequent targeting of K-12 schools in ransomware attacks.