{"identifier":"/us/usc/t6/s665j","title":6,"num":"\u00a7\u202f665j.","heading":"Ransomware threat mitigation activities","text":"\u00a7\u202f665j.\nRansomware threat mitigation activities\n(a)\nJoint Ransomware Task Force\n(1)\nIn general\nNot later than 180 days after\nMarch 15, 2022\n(2)\nComposition\nThe Joint Ransomware Task Force shall consist of participants from Federal agencies, as determined appropriate by the National Cyber Director in consultation with the Secretary of Homeland Security.\n(3)\nResponsibilities\nThe Joint Ransomware Task Force, utilizing only existing authorities of each participating Federal agency, shall coordinate across the Federal Government the following activities:\n(A) Prioritization of intelligence-driven operations to disrupt specific ransomware actors.\n(B) Consult with relevant private sector, State, local, Tribal, and territorial governments and international stakeholders to identify needs and establish mechanisms for providing input into the Joint Ransomware Task Force.\n(C) Identifying, in consultation with relevant entities, a list of highest threat ransomware entities updated on an ongoing basis, in order to facilitate\u2014\n(i) prioritization for Federal action by appropriate Federal agencies; and\n(ii) identify\n1\n1 So in original.\n(D) Disrupting ransomware criminal actors, associated infrastructure, and their finances.\n(E) Facilitating coordination and collaboration between Federal entities and relevant entities, including the private sector, to improve Federal actions against ransomware threats.\n(F) Collection, sharing, and analysis of ransomware trends to inform Federal actions.\n(G) Creation of after-action reports and other lessons learned from Federal actions that identify successes and failures to improve subsequent actions.\n(H) Any other activities determined appropriate by the Joint Ransomware Task Force to mitigate the threat of ransomware attacks.\n(b)\nRule of construction\nNothing in this section shall be construed to provide any additional authority to any Federal agency.","url":"https://projectusc.org/usc/t6/s665j.html","content":[{"t":"sec","id":"/us/usc/t6/s665j","children":[{"t":"num","text":"\u00a7\u202f665j."},{"t":"heading","text":"Ransomware threat mitigation activities"},{"t":"subsec","id":"/us/usc/t6/s665j/a","children":[{"t":"num","text":"(a)"},{"t":"heading","text":"Joint Ransomware Task Force"},{"t":"para","id":"/us/usc/t6/s665j/a/1","children":[{"t":"num","text":"(1)"},{"t":"heading","text":"In general"},{"t":"content","children":[{"t":"p","text":"Not later than 180 days after ","children":[{"t":"text","text":"March 15, 2022","tail":", the Director, in consultation with the National Cyber Director, the Attorney General, and the Director of the Federal Bureau of Investigation, shall establish and chair the Joint Ransomware Task Force to coordinate an ongoing nationwide campaign against ransomware attacks, and identify and pursue opportunities for international cooperation."}],"tail":"\n"}],"tail":"\n"}],"tail":"\n"},{"t":"para","id":"/us/usc/t6/s665j/a/2","children":[{"t":"num","text":"(2)"},{"t":"heading","text":"Composition"},{"t":"content","children":[{"t":"p","text":"The Joint Ransomware Task Force shall consist of participants from Federal agencies, as determined appropriate by the National Cyber Director in consultation with the Secretary of Homeland Security.","tail":"\n"}],"tail":"\n"}],"tail":"\n"},{"t":"para","id":"/us/usc/t6/s665j/a/3","children":[{"t":"num","text":"(3)"},{"t":"heading","text":"Responsibilities"},{"t":"chapeau","text":"The Joint Ransomware Task Force, utilizing only existing authorities of each participating Federal agency, shall coordinate across the Federal Government the following activities:"},{"t":"subpara","id":"/us/usc/t6/s665j/a/3/A","children":[{"t":"num","text":"(A)"},{"t":"content","text":" Prioritization of intelligence-driven operations to disrupt specific ransomware actors.","tail":"\n"}],"tail":"\n"},{"t":"subpara","id":"/us/usc/t6/s665j/a/3/B","children":[{"t":"num","text":"(B)"},{"t":"content","text":" Consult with relevant private sector, State, local, Tribal, and territorial governments and international stakeholders to identify needs and establish mechanisms for providing input into the Joint Ransomware Task Force.","tail":"\n"}],"tail":"\n"},{"t":"subpara","id":"/us/usc/t6/s665j/a/3/C","children":[{"t":"num","text":"(C)"},{"t":"chapeau","text":" Identifying, in consultation with relevant entities, a list of highest threat ransomware entities updated on an ongoing basis, in order to facilitate\u2014"},{"t":"clause","id":"/us/usc/t6/s665j/a/3/C/i","children":[{"t":"num","text":"(i)"},{"t":"content","text":" prioritization for Federal action by appropriate Federal agencies; and","tail":"\n"}],"tail":"\n"},{"t":"clause","id":"/us/usc/t6/s665j/a/3/C/ii","children":[{"t":"num","text":"(ii)"},{"t":"content","text":" identify\u202f","children":[{"t":"ref","text":"1"},{"t":"num","text":"1","tail":"\u202fSo in original."},{"t":"text","text":"\u202fSo in original.","tail":" metrics for success of said actions."}],"tail":"\n"}],"tail":"\n"}],"tail":"\n"},{"t":"subpara","id":"/us/usc/t6/s665j/a/3/D","children":[{"t":"num","text":"(D)"},{"t":"content","text":" Disrupting ransomware criminal actors, associated infrastructure, and their finances.","tail":"\n"}],"tail":"\n"},{"t":"subpara","id":"/us/usc/t6/s665j/a/3/E","children":[{"t":"num","text":"(E)"},{"t":"content","text":" Facilitating coordination and collaboration between Federal entities and relevant entities, including the private sector, to improve Federal actions against ransomware threats.","tail":"\n"}],"tail":"\n"},{"t":"subpara","id":"/us/usc/t6/s665j/a/3/F","children":[{"t":"num","text":"(F)"},{"t":"content","text":" Collection, sharing, and analysis of ransomware trends to inform Federal actions.","tail":"\n"}],"tail":"\n"},{"t":"subpara","id":"/us/usc/t6/s665j/a/3/G","children":[{"t":"num","text":"(G)"},{"t":"content","text":" Creation of after-action reports and other lessons learned from Federal actions that identify successes and failures to improve subsequent actions.","tail":"\n"}],"tail":"\n"},{"t":"subpara","id":"/us/usc/t6/s665j/a/3/H","children":[{"t":"num","text":"(H)"},{"t":"content","text":" Any other activities determined appropriate by the Joint Ransomware Task Force to mitigate the threat of ransomware attacks.","tail":"\n"}],"tail":"\n"}],"tail":"\n"}],"tail":"\n"},{"t":"subsec","id":"/us/usc/t6/s665j/b","children":[{"t":"num","text":"(b)"},{"t":"heading","text":"Rule of construction"},{"t":"content","children":[{"t":"p","text":"Nothing in this section shall be construed to provide any additional authority to any Federal agency.","tail":"\n"}],"tail":"\n"}],"tail":"\n"},{"t":"text","text":"\n"},{"t":"text","text":"\n"}]}]}