(a) Joint Ransomware Task Force(1) In generalNot later than 180 days after March 15, 2022, the Director, in consultation with the National Cyber Director, the Attorney General, and the Director of the Federal Bureau of Investigation, shall establish and chair the Joint Ransomware Task Force to coordinate an ongoing nationwide campaign against ransomware attacks, and identify and pursue opportunities for international cooperation.
(2) CompositionThe Joint Ransomware Task Force shall consist of participants from Federal agencies, as determined appropriate by the National Cyber Director in consultation with the Secretary of Homeland Security.
(3) ResponsibilitiesThe Joint Ransomware Task Force, utilizing only existing authorities of each participating Federal agency, shall coordinate across the Federal Government the following activities:(A) Prioritization of intelligence-driven operations to disrupt specific ransomware actors.
(B) Consult with relevant private sector, State, local, Tribal, and territorial governments and international stakeholders to identify needs and establish mechanisms for providing input into the Joint Ransomware Task Force.
(C) Identifying, in consultation with relevant entities, a list of highest threat ransomware entities updated on an ongoing basis, in order to facilitate—(i) prioritization for Federal action by appropriate Federal agencies; and
(ii) identify 11 So in original. metrics for success of said actions.
(D) Disrupting ransomware criminal actors, associated infrastructure, and their finances.
(E) Facilitating coordination and collaboration between Federal entities and relevant entities, including the private sector, to improve Federal actions against ransomware threats.
(F) Collection, sharing, and analysis of ransomware trends to inform Federal actions.
(G) Creation of after-action reports and other lessons learned from Federal actions that identify successes and failures to improve subsequent actions.
(H) Any other activities determined appropriate by the Joint Ransomware Task Force to mitigate the threat of ransomware attacks.
(b) Rule of constructionNothing in this section shall be construed to provide any additional authority to any Federal agency.
Structure US Code
CHAPTER 1— HOMELAND SECURITY ORGANIZATION
SUBCHAPTER XVIII— CYBERSECURITY AND INFRASTRUCTURE SECURITY AGENCY
Part A— Cybersecurity and Infrastructure Security
§ 652. Cybersecurity and Infrastructure Security Agency
§ 652a. Sector Risk Management Agencies
§ 654. Infrastructure Security Division
§ 655. Enhancement of Federal and non-Federal cybersecurity
§ 657. Cyber Security Enhancement Act of 2002
§ 658. Cybersecurity recruitment and retention
§ 659. National cybersecurity and communications integration center
§ 663. Federal intrusion detection and prevention system
§ 664. National asset database
§ 665. Duties and authorities relating to .gov internet domain
§ 665a. Intelligence and cybersecurity diversity fellowship program
§ 665b. Joint cyber planning office
§ 665c. Cybersecurity State Coordinator
§ 665d. Sector Risk Management Agencies
§ 665e. Cybersecurity Advisory Committee
§ 665f. Cybersecurity education and training programs
§ 665g. State and Local Cybersecurity Grant Program
§ 665h. National Cyber Exercise Program
§ 665j. Ransomware threat mitigation activities
§ 665k. Federal Clearinghouse on School Safety Evidence-based Practices
§ 665l. School and daycare protection
§ 665m. President’s Cup Cybersecurity Competition
§ 665n. Industrial Control Systems Cybersecurity Training Initiative