Mayorkas: DHS running ransomware task force, White House plan coming

Alejandro Mayorkas as deputy DHS secretary in 2016. (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

Department of Homeland Security Secretary Alejandro Mayorkas on Thursday said his agency has formed a task force to combat ransomware and that the White House is actively developing its own plan to confront the issue.

The DHS task force includes representatives from the Cybersecurity and Infrastructure Security Agency, Secret Service, Coast Guard and Immigration and Customs Enforcement's Homeland Security Investigations unit, according to Mayorkas. The new task force is part of the secretary's planned "60-day sprint" on ransomware, which he announced in March would be the first in a series of new efforts.

"Beyond CISA…the entire federal government is stepping up to face this challenge," Mayorkas said during the event hosted by the Institute for Security and Technology. "The White House is developing a plan dedicated to tackling this problem."

Mayorkas also confirmed recent press reports stating the Justice Department last week established its own task force focused on ransomware.

The secretary's remarks coincided with the release of a new report by IST featuring recommendations for the Biden administration on combatting ransomware. The group behind the report include dozens of industry experts from companies such as Microsoft, McAfee and FireEye as well as various former government officials.

The report, echoing that of other industry threat assessments published this year, notes an uptick in ransomware attacks coincided with the spread of the coronavirus.

Ransomware "has disproportionately impacted the healthcare industry during the COVID pandemic, and has shut down schools, hospitals, police stations, city governments, and U.S. military facilities.

Some of the report's recommendations include establishing a U.S. government "Joint Ransomware Task Force," forming an international coalition focused on ransomware, sanctioning countries that fail to take action against threat actors and designating ransomware a national security threat.

Mayorkas earlier this month issued a joint statement with Attorney General Merrick Garland and counterparts in the United Kingdom, Australia, New Zealand and Canada on the threat ransomware poses.

"Ransomware is a growing cyber threat which compromises the safety of our citizens, the security of the online environment, and the prosperity of our economies. It can be used with criminal intent, but is also a threat to national security," the April 7 statement said.

"The COVID-19 pandemic has seen cyber threat actors exploiting this new environment as a means of furthering malicious activity," the statement continued.