Skip to content
Sign Up for Our Newsletter
About
Close About
Open About
About the Institute for Security and Technology
Our Team
Board Of Directors
Careers
Contact Us
Featured Events
Cyber Policy Awards
Critical Effect DC
Projects
Close Projects
Open Projects
AI and NC3
Pioneering action-oriented efforts to explore how advanced AI capabilities will be integrated into nuclear command, control, and communications
AI Antitrust and National Security
Exploring how to more effectively account for national security considerations in AI antitrust cases while respecting precedent, scope, and the core principles of antitrust law
AI Risk Reduction Initiative
Assessing the emerging risks and opportunities of AI foundation models and developing risk reduction strategies
AI Chip Export Control Initiative
Safeguarding U.S. national competitiveness by closing critical compliance and enforcement gaps
AI Risk Barometer
Measuring national security professionals’ perceptions of AI futures through a technically-informed survey
CATALINK
Preventing the onset or escalation of conflict by building a resilient global communications system
Energy FIRST
Powering U.S. and allied security & prosperity through a resilient energy future
Ransomware Task Force (RTF)
Combating the ransomware threat with a cross-sector approach
Religious Voices and Responsible AI
Engaging religious communities on safe and beneficial AI
SL5 Task Force
Strengthening AI security through a multistakeholder approach
UnDisruptable27
Driving more resilient lifeline critical infrastructure for our communities
All Projects
» Explore all of IST's projects, past and current
Focus Areas
Future of Digital Security
Geopolitics of Technology
Innovation and Catastrophic Risk
Events
Insights
Contact
Search
Donate
Archive
ransom payments
Event
March 26, 2025 9:00 am
Exploring the UK’s Ransomware Legislative Proposals
On March 26, IST and the Ransomware Task Force hosted an in-depth discussion on the UK’s government recent open consultation on ransomware.
critical infrastructure
,
incident reporting
,
ransom payments
,
Ransomware
March 26, 2025
Blog
2023 RTF Global Ransomware Incident Map: Attacks Increase by 73%, Big Game Hunting Appears to Surge
According to the Ransomware Task Force’s fourth Global Ransomware Incident Map, ransomware attacks increased 73% in 2023. Using Ecrime.ch data, the map analyzes incidents across 117 countries originating from 66 ransomware groups.
CL0P
,
incident map
,
ransom payments
,
Ransomware
,
Ransomware-as-a-Service
September 26, 2024
Progress Report
,
Report
Ransomware Task Force: Doubling Down
While the U.S. government and its partners made great strides in combating ransomware in 2023, attacks have only increased. Of the 48 recommendations made in the original RTF Report, our assessment remains unchanged from a year ago: only 24 have seen significant progress.
cybersecurity
,
incident reporting
,
ransom payments
,
Ransomware
April 24, 2024
Report
Information Sharing in the Ransomware Payment Ecosystem: Exploring the Delta Between Best Practices and Existing Mechanisms
IST's latest report pulls from a recent attack scenario exercise performed by the Ransomware Task Force's Payments Working Group, comparing the results to information sharing case studies including the Hive disruption operation, the Emotet botnet takedown, and the Colonial Pipeline ransom recovery.
Colonial Pipeline
,
cybersecurity
,
Emotet
,
Hive
,
ransom payments
,
Ransomware
April 17, 2024
Testimony
Testimony: Held for Ransom: How Ransomware Endangers Our Financial System
On April 16, 2024, Chief Strategy Officer Megan Stifel testified before the House Committee on Financial Services Subcommittee on National Security, Illicit Finance, and International Financial Institutions for a hearing entitled, "Held for Ransom: How Ransomware Endangers Our Financial System."
financial services
,
ransom payments
,
Ransomware
April 16, 2024
Memo
Roadmap to Potential Prohibition of Ransomware Payments
The Ransomware Task Force Co-Chairs present a roadmap to potential prohibition of ransomware payments with 16 milestones that, if pursued concurrently by government and the private sector, could reduce the need for a prohibition of ransomware payments in the first place or facilitate its eventual imposition.
ransom payments
,
Ransomware
,
roadmap
April 10, 2024
Event
February 15, 2024 11:00 am
Unpacking a Potential Ban on Ransom Payments: Implications, Alternatives, and What’s Next
Ransomware continues to threaten organizations, governments, schools, and even lives. Ransomware actors are primarily profit-motivated. Would a ban meaningfully decrease payments, and if so, would criminals shift away from this tactic? On February 15, IST hosted a webinar to assess the ecosystem’s level of preparedness for a ban, unpack the implications of a ban across industries, and discuss what comes next.
incident reporting
,
ransom payments
,
Ransomware
,
resilience
February 15, 2024
Event
August 23, 2023 1:00 pm
Ransomware Roundup: LockBit, Payment Bans, and Trends
On August 23, 2023, IST adjunct advisors and members of the Ransomware Task Force Jen Ellis, Marc Rogers, Jason Kikta, and Silas Cutler hosted a popup webinar on the latest ransomware news.
LockBit
,
ransom payments
,
Ransomware
August 23, 2023
Report
Mapping Threat Actor Behavior in the Ransomware Payment Ecosystem: A Mini-Pilot
This mini-pilot overlays actual threat actor behavior on the original ransomware payment ecosystem map. It seeks to identify which kinds of disruption could be the most effective and where to apply them in the payment process.
cybersecurity
,
mini pilot
,
ransom payments
,
Ransomware
May 22, 2023
Progress Report
May 2023 Progress Report: Ransomware Task Force: Gaining Ground
As of May 2023, 92% of the 48 RTF recommendations have seen some action, with 50% experiencing significant progress, including through legislation and policy adoption.This report walks readers through the RTF’s second year, acknowledging tremendous shifts in the ecosystem, especially in light of the war in Ukraine, and highlights key areas of progress.
disruption
,
incident reporting
,
progress report
,
ransom payments
,
Ransomware
May 5, 2023
Report
Mapping the Ransomware Payment Ecosystem: A Comprehensive Visualization of the Process and Participants
Central to our ability to mitigate the threat of ransomware is the development of a common understanding of the actors, stakeholders, processes, and information, both required for and produced during the ransomware payment process. Yet, when we began this work, such a picture did not exist. We undertook this effort to fill that gap.
mapping
,
ransom payments
,
Ransomware
,
visualization
November 15, 2022
Testimony
Testimony: Rising Threats: Ransomware Attacks and Ransom Payments, Enabled by Cryptocurrency
On June 7, 2022, IST Chief Strategy Officer Megan Stifel testified in front of the U.S. Senate Committee on Homeland Security and Governmental Affairs for the hearing entitled, "Rising Threats: Ransomware Attacks and Ransom Payments, Enabled by Cryptocurrency."
blueprint
,
cryptocurrency
,
cybersecurity
,
ransom payments
,
Ransomware
June 7, 2022
Event
August 25, 2021 11:31 am
To Pay A Ransom: Costs and Ethics of Paying Ransomware Demands
What are the costs and ethics of paying ransom demands to cybercriminals? Payments perpetuate ransomware, but could a payment ban truly be feasible? On August 25, 2021, IST hosted experts for a virtual discussion.
debate
,
ransom payments
,
Ransomware
,
Ransomware-as-a-Service
August 25, 2021
Event
February 25, 2021 2:00 pm
Cut Off The Cash: Cryptocurrency and Ransomware Payments
Ransomware actors consistently demand ransom payments in cryptocurrencies, obscuring the ransom payment process and moving it to the digital domain. But how reliant is the success of ransomware on the use of cryptocurrency, and how anonymous are these coins? IST hosted a conversation on February 25, 2021 to assess the relationship between cryptocurrency and ransomware payments.
cryptocurrency
,
ransom payments
,
Ransomware
February 25, 2021
Search
Search
Home
About
CATALINK BRIEF
FAQ
Our Team
Why do we need crisis communications?
Activities
Events
Insights
Podcasts
Press
Get In Touch
