On Task Force Bounds

Photo by Ray Bilcliff on Pexels.com

BLUF – Reading the recent report from the Ransomware Task Force reminds us of the advantages and limitations task forces offer. In any cresting malicious cyber trend, the tide goes out when the monetary spends exceed gains. Bounds imposed on task forces create challenges for lasting change.


Last week we saw the report of Public/Private ransomware task force. Whilst there are good pieces (and I know at least one or two of the participants) there are some things missing from a truly effective strategy.

A few years back I was in a meeting with Analysis & Resilience Center for Systemic Risk (ARC) and Federal law enforcement talking about ways forward, where I asked about undercover operational options within dark web spaces. The trouble was (and is) US law enforcement can only conduct undercover operations for specified periods, targeting specific actors. What I was suggesting wasn’t feasible under those parameters.

I wanted more – an operation giving options to curbing effective laundering of crypto. If we cornered the market, we could have transparent intelligence on criminal operations, with the lever in place to bring monetization to a crashing halt. Consider it a breakwater set in managing the cybercrime tides.

Certainly there is much to be appreciated with task force efforts. They do a great deal of work focused on a specific area for a specific time. There is a substantial amount of expertise usually brought in. Trouble is, the task force is temporal and has constraints.

The criminals aren’t bound by those. Appears nation-states aren’t either.

At the end of the meeting, after pressing agents to uncover further options for better part of an hour, I was a bit frustrated and asked just how far are we willing to go in making this right. The question was turned, asking how far I was willing to go. Before I responded, an agent’s offhand remark was, “don’t ask him that.” They were right.

We still need solutions. I wasn’t invited back.