Government is ready to help the private sector fight against ransomware, but can find it challenging to convince businesses to work with it.

“The public-private partnership is so important, because we do have tools and resources that we could provide to small business, should those small businesses not have tools to defend themselves,” Mayorkas said.

Part of the challenge may be one of image. Companies hit by ransomware can be reluctant to speak to law enforcement about it, said panelist Peter Marta, who advises companies about cyber risk management and investigation in his role as a partner with law firm Hogan Lovells.

Corporations that have begun internal investigations into the attacks against them may be concerned that the government agencies will take away control, Marta said. Other businesses fear punishment, should law enforcements’ ransomware investigations also uncover regulatory violations or other issues on the part of the corporate victims, he said.

“When I’m engaged in the early hours of an incident, one of the first issues I address with clients is engaging U.S. government partners,” Marta said. “Occasionally, a client will resist a bit and express concern that … law enforcement might begin to investigate it, and — for clients in regulated industries — perhaps share that information it learns from a company with that client’s regulators.”

Panelists speak at the U.S. Chamber of Commerce “Countering Ransomware” virtual event

Both David Smith, special agent in charge of the criminal investigation division of the U.S. Secret Service (USSS), and Goldstein said this is not the case.

“Entities impacted by ransomware are victims,” Goldstein said. “Whether you call the Secret Service, federal law enforcement [or] CISA, you will be treated as a victim who needs assistance and help.”

Smith asserted that the USSS’s goals when contacted are to first mitigate the damage done to impacted companies and then hunt down the perpetrators.

“We’re not a regulatory body; there’s no evidence that the Secret Service is sharing any information with regulatory entities or employing any punitive measures against victims,” Smith said. “The more information you can give the Secret Service or law enforcement, the better equipped we are to find these people, apprehend them, take them out of the equation and protect you as the victim.”