36 Countries and EU Pledge to Disrupt Ransomware Attacks, Crack Down on Criminals

An IT researcher shows on a giant screen a computer infected by ransomware at the National Institute for Research in Computer Science and Automation in Rennes, France, on Nov. 3, 2016. (Damien Mayer/AFP via Getty Images)
Katabella Roberts
11/2/2022
Updated: 11/2/2022

Leaders from nearly 40 countries on Tuesday vowed to work together to track down those responsible for ransomware attacks, prevent ransomware criminals from being granted safe havens, and implement a series of strong measures to counter such attacks.

Government leaders from a total of 36 countries, and the EU, met in Washington on Oct. 31–Nov. 1 for the Counter Ransomware Initiative (CRI), where they discussed “concrete, cooperative actions” aimed at countering the global threat of ransomware attacks, according to a White House fact sheet.

The participating governments were Australia, Austria, Belgium, Brazil, Bulgaria, Canada, Croatia, the Czech Republic, the Dominican Republic, Estonia, the European Commission, France, Germany, India, Ireland, Israel, Italy, Japan, Kenya, Lithuania, Mexico, the Netherlands, New Zealand, Nigeria, Norway, Poland, the Republic of Korea, Romania, Singapore, South Africa, Spain, Sweden, Switzerland, Ukraine, the United Arab Emirates, the U.K., and the United States.

The leaders vowed to work together to hold ransomware criminals accountable for their actions and not provide them with a safe haven, to stop such criminals from profiting from their actions by using anti-money laundering and countering the financing of terrorism (AML/CFT) measures, and to disrupt the actions of ransomware actors and bring them to justice “to the fullest extent permitted” under each country’s laws.

The countries also vowed to work together in disrupting ransomware attacks by sharing information with each other, when appropriate, regarding the “misuse of infrastructure to launch ransomware attacks to ensure national cyberinfrastructure is not being used in ransomware attacks.” The sharing of information, the leaders said, would be “in line with applicable laws and regulations.”

Leaders also pledged to create a voluntary International Counter Ransomware Task Force (ICRTF), led by the Australian government, which will develop tools to boost early warning capabilities, prevent attacks, and counter illicit finance activities, and undertake biannual counter ransomware exercises to help prepare for future attacks.

Most Ransomware Revenue Heads to Russia

They also agreed to create a “fusion cell” at the Regional Cyber Defense Centre (RCDC) in Kaunas, led by Lithuania, to “test a scaled version of the ICRTF and operationalize ransomware-related threat information sharing commitments.” The RCDC will publish semiannual public reports on ransomware trends and mitigation measures.

Finally, along with sharing information across countries, leaders promised to deliver an “investigators toolkit” that would document “lessons learned” and strategies for responding to large ransomware events, which would allow CRI partners to “benefit from the breadth of expertise and technical capability brought together under the working groups.”

According to the White House, ransomware attacks impact thousands of companies and individuals every year globally.

A recent survey by cybersecurity company SpyCloud among more than 300 security leaders in the U.K., United States, and Canada found that 90 percent of organizations reported being affected by ransomware in the last 12 months, despite 86 percent increasing their budget to protect against ransomware.

Notably, countries such as Iran, North Korea, China, and Russia did not participate in the talks on Tuesday. Research by Chainalysis published in February found that roughly 74 percent of ransomware revenue in 2021—over $400 million worth of cryptocurrency—went to individuals who were highly likely to be affiliated with Russia in some way.