At the end of January, the inaugural meeting of the inter-agency working group to combat ransomware took place, initiated by the National Cyber and Information Security Agency (NÚKIB) in collaboration with the National Center Against Terrorism, Extremism, and Cybercrime (NCTEKK) of the Czech Police.
Representatives from 12 governmental authorities crucial to the fight against ransomware, both within and outside the security community, participated in the initial meeting of the working group. A representative from an entity that had previously faced a ransomware attack presented their experiences to the participants.
The newly formed working group draws on insights from the International Counter Ransomware Initiative, of which the Czech Republic has been a part since 2021. It will closely collaborate in overcoming challenges related to effectively combating ransomware. These challenges encompass not only technical aspects but also criminal, financial, organizational, and international facets that need to be addressed. "One of the goals of this working group is to fully leverage the competencies of relevant governmental stakeholders, strengthen mutual cooperation, and establish a unified strategic approach to the ransomware threat," stated Pavel Štěpáník, Deputy Director of NÚKIB who also represented the Czech Republic during the third International Counter Ransomware Summit in Washington DC (see here).
Ransomware generally refers to a type of attack where attackers typically encrypt and exfiltrate data from the targeted entity, demanding ransom for decryption or the return of stolen data. Often, attackers may publicly disclose or sell some of this data. Ransomware has long been considered one of the most serious cyber threats in the Czech Republic and abroad, with the expectation that this trend will continue. "In recent years, the state has been introducing new technologies into a significant part of its services, and one of the most serious consequences of ransomware attacks could be undermining public trust in these new digital services," noted Jiří Nový, Deputy Director for Cybercrime at NCTEKK, adding, "In the fight against the ransomware threat, emphasis is now necessary on prevention rather than punitive measures."
It is a fact that attackers often conduct their attacks from abroad, utilizing sophisticated tools to ensure a high level of anonymity. Therefore, it is essential to establish a national platform where conceptual solutions for combating the ransomware threat, including strengthening collaboration with international partners, can be developed. For this purpose, the working group plans to meet regularly several times a year.