The US, European Union and 30 other countries have joined hands to counter the increasing menace caused by ransomware threats.
Ransomware has become one of the most prevalent attack methods for criminals, from state-sponsored attacks to home-grown cybercriminals. It is estimated that by the end of 2021, there could be around 300 ransomware attacks, with the average cost hitting close to US$2 million per attack.
On October 13th and 14th, the White House National Security Council facilitated an international counter-ransomware virtual event with over 30 countries and the European Union, with the goal of accelerating cooperation to counter ransomware. The meetings addressed improving network resilience, addressing the financial systems that make ransomware profitable, disrupting the ransomware ecosystem via law enforcement collaboration, and leveraging the tools of diplomacy to address safe harbors and improve partner capacity.
Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger discussed how the administration is working closely with international partners to address the shared threat of ransomware and galvanise global political will to counter ransomware activities. Delegations recognised the importance of international cooperation to address the transnational threat from ransomware.
The meeting was noteworthy considering that it was the first time delegations brought together experts that usually operate in parallel channels, like law enforcement, cyber resilience, diplomacy, financial regulators. All of these channels are relevant to disrupting ransomware, and the global community really brought them together for the first time to consider how we better connect and integrate those efforts to see where cooperation is working and where it isn’t so we can improve and counter ransomware more effectively.
With us, Not Against us
While the United States facilitated the meeting, it was not solely a U.S. initiative. “India chaired the Resilience Panel. The United Kingdom chaired the Countering Illicit Use of Cryptocurrency Panel. Australia chaired the Panel on disrupting Ransomware Infrastructure and Actors and Germany chaired the Diplomacy Panel,” noted Neuberger.
It is an incredibly complex ecosystem. “In fact, during the opening plenary, for example, the Israeli representative noted that an Israeli hospital was under attack by a ransomware attack at that moment,” said Neuberger.
Over 30 countries acknowledged that uneven implementation of Financial Action Task Force rules around virtual currency enabled criminals to take advantage of that uneven implementation to use virtual currency for laundry of the proceeds of their crime. Countries repeatedly noted the value of cooperation among international partners to enhance the exchange of information and pointed to opportunities to automate certain information exchange. Because ransomware criminals often repeat their activities, repeat their tactics and techniques, more robust and real-time communication across governments can not only enhance national capabilities to address a ransomware attack while it’s happening, but can also potentially prevent an attack.
It takes a network to fight a network. It takes a network of countries connecting the individual elements within the country across diplomacy, law enforcement, financial regulators and then connecting globally to fight the network of ransomware actors’ infrastructure and illicit use of virtual currency, pointed out Neuberger.
