The Institute for Security and Technology received a $450,000 donation from Craig Newmark Philanthropies to continue its work combatting ransomware, the organization shared first with CyberScoop.
The money will go towards continuing the work started by the Ransomware Task Force, a public-private collaboration launched earlier this year by the Institute. The task force brought together representatives from more than 60 companies and organizations across government, nonprofits and the private sector. Microsoft, Rapid 7, the Cyber Threat Alliance, FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency are among the participants.
The Ransomware Task Force released a report at the end of April offering four dozen recommendations for policymakers and industry to take on the problem. The task force recommended that governments establish a fund to support ransomware response, and closer regulation of the cryptocurrency. IST will use the funding from Newmark, the founder of Craigslist, and other forthcoming funds to help implement those ideas, says Philip Reiner, chief executive officer of the Institute for Security and Technology.
“If you look at the range of recommendations that came out of that report, there’s a lot of work to do,” he said. “We’re going to try to tackle the biggest issues in the report.”
The funding is a far cry from the millions received by organizations working on related technology and security causes, but it’s a significant step forward for civil society organizations focused on cybersecurity that have long been ignored by philanthropists. An April open letter led by William and Flora Hewlett Foundation, Craig Newmark Philanthropies, and Gula Tech Foundation and signed by 30 organizations and individuals called for private philanthropy to step up its investment in cybersecurity issues.
“IST has the people to help get the people to get the problem solved,” Craig Newmark said. “It’s all hands on deck because of the neglect of cybersecurity over the past few years.”
Reiner declined to provide specifics on upcoming projects but said that the organization will focus on facilitating forums for discussion and action-oriented tasks recommended in the report, such as possibly standing up a ransomware incident response network for public and private organizations to share threats. IST will also use the funding to bring on more staff to work on ransomware issues.
The United States has suffered two high-profile ransomware attacks since the report was released, including one incident that forced fuel-supplier Colonial Pipeline to go offline for days. Meat supplier JBS also suffered a ransomware attack, briefly interrupting some grocery supply chains.
Ransomware has become a pressing security concern for national security officials in the U.S. and for global diplomats. The subject was a key matter of discussion at both the recent G7 meetings and a summit between the United States and Russia. Russia’s alleged harboring of cybercriminals conducting ransomware attacks has led to increased tensions between Russia and the U.S. government.
“I think on both an international and national level, the awareness of the virulence of this ransomware threat is at the forefront of everyone’s thinking,” said Reiner. “We want to take advantage of the momentum that exists internationally and nationally.”