by Jeanne Zepp
Ransomware is a major issue affecting U.S. businesses and private individuals. However, we are not the only nation dealing with this problem. It is an international scourge perpetrated by bad actors from around the globe, often working in tandem.
This shared problem called for a collective response and, in 2021, the White House facilitated the first meeting of the Counter-Ransomware Initiative (CRI), attended virtually by over 30 countries. Participants included Australia, Brazil, Bulgaria, Canada, Czech Republic, Dominican Republic, Estonia, France, Germany, India, Ireland, Israel, Italy, Japan, Kenya, Lithuania, Mexico, Netherlands, New Zealand, Nigeria, Poland, Republic of Korea, Romania, Singapore, South Africa, Sweden, Switzerland, Ukraine, United Arab Emirates, and United Kingdom. Notably, Russia and China were not among the invitees.
The initiative seeks to minimize and eventually eradicate future ransomware attacks by focusing on ransomware disruption, attack resilience, digital currency misuse, and countermeasures enhanced by mutual cooperation. In her after action report, Deputy National Security Advisor Anne Neuberger reported that the meeting represented “the first time that delegations brought together experts that usually operate in parallel channels, like law enforcement, cyber resilience, diplomacy, financial regulators … to consider how we better connect and integrate those efforts to see where cooperation is working … and where it isn’t ….”
The initiative seeks to minimize and eventually eradicate future ransomware attacks.
In fall 2022, the Second International CRI Summit took place. Notably, this summit incorporated a new perspective: the input of 13 private-sector organizations. A White House fact sheet reported that the CRI had achieved progress in its focus areas between summits. Further, it identified eight specific efforts envisioned for 2023:
Notably, cryptocurrency use in ransomware schemes remains a primary concern. The fact sheet advises that CRI participants will convene a second workshop addressing ways to thwart such illicit financial activity and “build capacity on blockchain tracing and analytics, which would include a tabletop ransomware exercise, coordinated with law enforcement.” In addition, CRI partners will help create and enact international standards to thwart cryptocurrency use and share techniques used by bad actors to disguise the source of their digital currency.
The recently released National Cybersecurity Strategy rightly classifies ransomware as a “borderless challenge requiring international cooperation.” Information sharing among partner countries will be central to the success of this anti-ransomware network as will be a cohesive plan of action grounded in communication. The White House counted the development of “concrete, cooperative actions to counter the spread and impact of ransomware around the globe” among the many outcomes of the Second International CRI Summit.
Information sharing among partner countries will be central to the success of this anti-ransomware network.
Cooperative efforts do not, however, eliminate the need for each nation to adopt a strong individual posture on ransomware. The U.S. National Cybersecurity Strategy delineates several concrete actions that include:
An African proverb tells us that it takes a village to raise a child. Common sense tells us that a strong national posture complemented by a proactive international effort is the best way to eradicate highly organized ransomware gangs characterized by collaboration, shared techniques, ransomware-as-a-service software offerings, and more. In other words, it takes a network to bring down a network.