Earlier this year, the Institute for Security and Technology (IST), in collaboration with the Organization of American States (OAS), supported the Ministry of Foreign Affairs of Brazil to launch the Brazil Ransomware Task Force. This initiative brings together public and private sector stakeholders to develop strategies that reduce ransomware risks and build resilience across Brazil’s critical sectors. The Brazil RTF is organized around four key pillars—Deter, Disrupt, Prepare, and Respond—mirroring the global Ransomware Task Force (RTF) framework.
In December 2020, IST convened the global Ransomware Task Force, and in April 2021, the RTF released Combating Ransomware, a globally-scoped, comprehensive framework for action with 48 recommendations. These recommendations tackle ransomware challenges at an international and trans-national level, with some specific recommendations for the United States of America. As the report noted, “ransomware is a global challenge, as institutions in all sectors around the world are being increasingly targeted. A single attack can also rapidly spread across borders, intentionally or otherwise.” The 2023 RTF Global Ransomware Incident Map further highlighted the global scale of the issue, reporting “ransomware incidents in 117 countries carried out by 66 different ransomware groups.”
Given this widespread impact, it is clear that tailored national and regional approaches are essential—not only to address the rising ransomware threat but also to account for the unique regulatory, legal, and political environments in each country. In collaboration with the Inter-American Committee against Terrorism (CICTE) of the OAS and Brazil’s Ministry of Foreign Affairs, IST and its partners are developing an initiative that supports both Brazil’s specific needs and contributes valuable insights to the global fight against ransomware.
Over September 23 and 24, 2024, IST’s Senior Director for International Cyber Engagement Elizabeth Vish and I attended the Brazil RTF’s first conference in Brasília, co-organized with the OAS. Held at the grand Palácio Itamaraty, the seat of Brazil’s Ministry of Foreign Affairs, the conference brought together over 60 participants, including representatives from law enforcement, cybersecurity firms, financial institutions, and academia. Ambassador Marcelo Câmara, the Director of the Department of Strategic, Defense, and Disarmament Affairs, kicked off the event with a keynote speech emphasizing the importance of coordinated efforts to mitigate ransomware attacks. Following his address, one panel discussed Brazil’s ransomware threat landscape, while another featured insights from public and private sector experts.
After the panels, participants split into four smaller, pillar-oriented working groups, each focused on brainstorming strategies to deter, disrupt, prepare, and respond to ransomware in Brazil. At the end of each day, we reconvened in a large plenary session where the working group co-chairs presented pillar-specific recommendations and heard feedback from all the participants. It was remarkable to watch—and hear, with the help of interpreters—cross-sector experts fully engaged, asking tough questions and working together to find ways to minimize ransomware’s impact on the country.
So, what’s next for the Brazil RTF?
Elizabeth and I, in partnership with the OAS, are working closely with the Ministry of Foreign Affairs of Brazil and the Brazil RTF working groups to shape their final recommendations. Over the next few months we’ll be reviewing, weaving in relevant feedback, and translating—literally, as we toggle between English and Portuguese—to ensure this report is comprehensive and practical. Then, in 2025, the Brazil RTF will publish its cornerstone report in Portuguese, packed with actionable strategies for both the public sector and industry to combat ransomware.
IST extends our sincere thanks to the Ministry of Foreign Affairs of Brazil, the OAS, and all the working group co-chairs and members for their partnership, expertise, and dedication. We look forward to supporting the ongoing work of the Brazil Ransomware Task Force!
Obrigada!