Virtual Library

Our virtual library is an online repository of all of the reports, papers, and briefings that IST has produced, as well as works that have influenced our thinking.

Submit your Content

Reports

Ransomware Task Force: Doubling Down

Ransomware Task Force

viewpdf

Reports

Information Sharing in the Ransomware Payment Ecosystem: Exploring the Delta Between Best Practices and Existing Mechanisms

Zoë Brammer

viewpdf

Memo

Testimony: Held for Ransom: How Ransomware Endangers Our Financial System

Megan Stifel

viewpdf

Memo

Roadmap to Potential Prohibition of Ransomware Payments

Ransomware Task Force Co-Chairs

viewpdf

Reports

Unlocking U.S. Technological Competitiveness: Evaluating Initial Solutions to Public-Private Misalignments

Ben Purser, Pavneet Singh

viewpdf

Reports

Public Private Partnerships to Combat Ransomware: An inquiry into three case studies and best practices

Elizabeth Vish, Georgeanela Flores Bustamante

viewpdf

Reports

Unlocking U.S. Technological Competitiveness: Public-Private Misalignments in Biotechnology, Energy, and Quantum Sectors

Ben Purser, Pavneet Singh

viewpdf

Contribute to our Library!

We also welcome additional suggestions from readers, and will consider adding further resources as so much of our work has come through crowd-sourced collaboration already. If, for any chance you are an author whose work is listed here and you do not wish it to be listed in our repository, please, let us know.

SUBMIT CONTENT

Information Sharing in the Ransomware Payment Ecosystem: Exploring the Delta Between Best Practices and Existing Mechanisms

Zoë Brammer

SUMMARY

This report first describes in detail a ransomware attack scenario exercise conducted by IST’s RTF Payments Working Group. Next, it compares the results of this exercise with recent collaborative operations, including the Hive disruption operation, the Emotet botnet takedown, and the Colonial Pipeline ransom payment recovery. This report in turn outlines existing formal federal information sharing mechanisms in the United States, maps these mechanisms atop the ransomware payment ecosystem map, and identifies gaps that, if addressed, could clarify the information environment and help scale disruptive operations. Finally, this report delineates steps that the United States and its partner governments can take to bolster information sharing with the private sector to help scale existing best practices.

Thank you to the following contributors: David Aaron, Silas Cutler, Matt Georgy, James Gulak, Adam Hickey, Trevaughn Smith, Megan Stifel

download pdf