World leaders make fresh vows to fight global ransomware threat
A coalition of government cybersecurity leaders from nearly 40 countries on Tuesday reaffirmed to work together to stamp out ransomware attacks, launching several new efforts meant to better combat the rising global threat.
“We commit to work together to prioritize disruption targets to leverage the breadth of authorities and tools available to pursue hard and complex targets more effectively. We intend to increase the number and impact of our disruption actions so that ransomware actors are stopped in their tracks,” members of the Counter Ransomware Initiative said in a joint statement after the conclusion of their two-day conference hosted by the Biden administration.
The group “committed not only to protecting ourselves and each other from ransomware, but also to helping other countries protect and disrupt so that ransomware is unable to gain traction worldwide,” vowing to offer technical and threat information and protection “as broadly as possible.”
Members also promised to "work together to increase political costs on countries that harbor and enable ransomware actors,” a reference to countries like Russia.
In addition to leaders from 37 countries, a group of 13 private companies — such as tech giant Microsoft and cybersecurity firms Mandiant and CrowdStirke — participated in the event.
The second annual meeting comes as ransomware incidents seem to be accelerating worldwide, with almost daily attacks on the private sector, with the health care and education sectors becoming an increasingly favorite target of digital criminal organizations.
"We've heard repeatedly that our adversaries are not kids and hoodies. They're well-trained, well-funded, professionally organized. They're innovative and they evolve. But so are we,” Nate Fick, the country's first cyber ambassador, said at the coalition’s public closing session.
The initiative will establish a voluntary International Counter Ransomware Task Force, helmed by Australia’s government, to boost information sharing about threats and track the finances of ransomware gangs, according to a fact sheet that accompanied the joint statement.
Members will also hold biannual exercises to strengthen resilience and deterrence against malicious actors; issue joint advisories that detail the tactics, techniques, and procedures used by cybercriminals; and create an “investigator’s toolkit” that will feature “lessons learned and strategies for responding to significant ransomware events,” the document stated.
It is unclear how much weight the new pledges will be given by Moscow and other countries like China, North Korea and Iran — all of which have either sheltered ransomware gangs or used cyberattacks to finance their governments or other illicit activities.
Speaking at the closing session, National Security Advisor Jake Sullivan hailed the initiative as the world’s “largest” cybersecurity coalition and the “most comprehensive."
“We have a long way to go but we've already come a long way...” he told the attendees. "Objects in motion can stay in motion if we keep pushing them forward. And that's what I think, collectively, we should all do.”
Martin Matishak is a senior cybersecurity reporter for The Record. He spent the last five years at Politico, where he covered Congress, the Pentagon and the U.S. intelligence community and was a driving force behind the publication's cybersecurity newsletter.