White House aims to ‘redouble’ global push against ransomware
Martin Matishak October 31, 2022

White House aims to ‘redouble’ global push against ransomware

Martin Matishak

October 31, 2022

White House aims to ‘redouble’ global push against ransomware

The White House on Monday will reinforce international efforts to combat ransomware and other kinds of cybercrime by hosting leaders from over 30 countries, as well as members from the private sector, to discuss ways to counter the disruptive attacks.

The administration will host a two-day, in-person meeting of the “Counter Ransomware Initiative” — which it launched virtually last year — to examine the progress the coalition has made against the global scourge and share ideas about how to better fight it, a senior administration official told reporters during a call on Sunday.

“The threat has clearly evolved. Ransomware attacks continue,” the official said. 

Ransomware has ravaged both the public sector and businesses around the world over the last year.

In September, the second largest public school district in the U.S. was targeted and eventually saw nearly 300,000 of its files dumped online as punishment for denying the attacker’s demands. Meanwhile, hospitals in the U.S., United Kingdom and France have become targets and Australia’s largest health insurer recently fell victim to a digital assault.

In a change from last year’s gathering, the summit will include members from 13 companies from across the globe, according to the administration official.

“This is just a first round of getting companies’ perspective to ensure that we’re not doing it the traditional government way, which is government-to-government only, but we’re pulling in the private sector because of their unique visibility, capability and insights into it,”  the official said, noting all of the participants were told in advance to be ready to discuss how the government and private sector can work together to tackle the global problem.

Companies participating in the event include Microsoft, Palo Alto Networks, Siemens, German enterprise software maker SAP and cybersecurity firms Crowdstrike and Mandiant.

Russia, which has become notorious for sheltering ransomware organizations, was once again left off the White House’s guest list.

The administration official downplayed Moscow’s absence, arguing the event will focus more on how countries can disrupt malicious actors and strengthen their resilience 

“So, less about Russia, more about how we, as a set of countries, make it harder, costlier or riskier for ransomware actors to operate,” the official told reporters, adding the group would issue a statement on countries that provide digital criminals with safe harbor. 

The entire conference will be held behind closed doors, except for a public closing session on Tuesday.

The first day will be held at FBI headquarters and attended by Director Chris Wray, who has been vocal about the threat ransomware poses. 

The day will begin with a detailed threat briefing by representatives from the FBI, the Office of the Director of National Intelligence and the Cybersecurity and Infrastructure Security Agency (CISA), according to the administration official. The international group will then meet at the Treasury Department on Tuesday.

The administration official said the coalition, which is broken up into five different working groups, will discuss a host of topics, including the increasing pace of attacks, the targeting of the health care sector and the “really troubling” trend of ransomware gangs releasing the stolen data if their financial demands aren’t met.

While there have been some takedowns of cybercriminals and other disruptions over the last year, “we really want to redouble our work, even the partnerships because… it’s a borderless problem,” the official said.

Martin Matishak is a senior cybersecurity reporter for Recorded Future News. He spent the last five years at Politico, where he covered Congress, the Pentagon and the U.S. intelligence community and was a driving force behind the publication's cybersecurity newsletter.