The White House National Security Council is facilitating virtual meetings this week with senior officials and ministers from more than 30 countries at a virtual international anti-ransomware event to rally allies in the fight against the ransomware threat.
Publicly disclosed ransomware payments reached over $ 400 million worldwide in 2020 and over $ 81 million in the first quarter of 2021, according to a backgrounder released today by the White House.
International virtual meetings against ransomware
President Joe Biden announced on October 1 that the United States would bring together allies and partners from 30 countries to join together to crack down on ransomware groups behind a barrage of attacks affecting organizations around the world.
The Counter-Ransomware Initiative meetings come in response to ongoing attacks, including ransomware attacks against Colonial Pipeline, JBS Foods, and Kaseya in the United States, which have exposed significant vulnerabilities in critical global infrastructure.
“We are hosting – we are facilitating a virtual meeting. It will be joined by ministers and senior officials from over 30 countries and the European Union to accelerate cooperation to fight ransomware,” said a senior official from the administration to journalists in a background press. Call today.
“The Counter-Ransomware Initiative will meet over two days, and attendees will cover everything from efforts to improve national resilience to experiences in combating the misuse of virtual currency to launder ransom payments, our respective efforts to disrupt and prosecute ransomware criminals, and diplomacy as a tool to counter ransomware. “
The areas that will be covered in this week’s meetings (national resilience, combating illicit financing, disruption and diplomacy) align with the Biden administration’s anti-ransomware efforts, which are organized along four different axes. :
- Disrupt ransomware infrastructure and actors: The administration is putting the full weight of the US government’s capabilities to disrupt ransomware actors, enablers, networks and financial infrastructure;
- Build resilience to resist ransomware attacks: The administration called on the private sector to step up investments and focus on cyber defenses to deal with the threat. The Administration has also defined the expected cybersecurity thresholds for critical infrastructures and introduced cybersecurity requirements for critical transport infrastructures;
- Fighting abuse of virtual currency to launder ransom payments: Virtual currency is subject to the same anti-money laundering and terrorist financing (AML / CFT) controls applied to fiat currency, and these controls and laws must be applied. The administration leverages existing capabilities and acquires innovative capabilities to trace and ban ransomware products; and
- Leverage international cooperation to disrupt the ransomware ecosystem and address safe havens for ransomware criminals: Responsible states do not allow criminals to operate with impunity within their borders.
As part of this ongoing fight against cybercrime ransomware groups, President Biden also issued a U.S. security memorandum to strengthen the cybersecurity of critical infrastructure by setting baseline performance goals for owners and operators.
Deputy National Security Advisor Anne Neuberger has called on U.S. companies to take ransomware seriously after Colonial Pipeline and JBS ransomware attacks.
White House Press Secretary Jen Psaki added that the US administration will take action against ransomware groups operating inside Russia’s borders if “the Russian government is unable or unwilling “.
In July, Interpol also urged law enforcement and industry partners around the world to jointly tackle the ransomware threat after G7 leaders called on Russia to disrupt Russian-based ransomware gangs inside. of its borders.
Russia and China excluded
Even though Moscow and Washington managed to resume cooperation in several areas, which led to several attacks on Evil Corp., TrickBot and REvil gangs, according to Kommersant, Russia and China were not invited to the meetings of fight against ransomware this week.
“We have worked with allies and partners to hold nation states accountable for malicious cyber activity, as evidenced, truly, by the broadest international support we have ever had in our remit for the malicious cyber activity of Russia and the United States. China in recent months, ”the official said. added.
“The panel of experts continues to meet to confront the threat of ransomware and pressure Russia to act against criminal ransomware activity emanating from its territory. In this first round of talks, we did not invite the Russians to participate for a multitude of reasons, including various constraints. “
The official also said the Biden administrator observed that the Russian government was taking action to crack down on ransomware gangs active in its territory, with more results and follow-up actions expected.
“We are looking to the Russian government to combat criminal ransomware activity from actors in Russia. I can point out that we had, within the group of experts, frank and professional exchanges in which we communicated these expectations.
“We have also shared information with Russia regarding criminal ransomware activity carried out from its territory. We have seen some action taken by the Russian government and we are looking to see follow-up action.”
- US hosts 30-country ransomware summit, but without Russia and China
- US unites 30 countries to disrupt global ransomware attacks
- Governments around the world to crack down on ransomware payment channels
- US sanctions crypto exchanges and wallets used by ransomware
- Risk of ransomware attack increases on holidays and weekends