The ransomware ecosystem is a global one, with cyber criminals often launching attacks into one country from safe havens in another and receiving extortion payments through cryptocurrencies.
The second annual International Counter Ransomware Initiative (CRI) Summit, held earlier this week, brought together 36 countries and the E.U., as well as private-sector members, to outline new efforts to partner against ransomware, the White House announced. Per Yahoo! Finance, private-sector representation included 13 international companies.
“While the United States has made concerted efforts under our own national authorities and capabilities to fight the scourge of ransomware, it is a challenge that knows no borders,” the White House said in a fact sheet.
New steps will see Australia lead a to-be-formed International Counter Ransomware Task Force whose members will share information and coordinate actions to disrupt ransomware and illicit financing as well as boost resilience against the attacks.
Ransomware threats have come into the forefront for Australia in recent months. A September attack against telecom Optus exposed data on nearly 10 million residents — including significant amounts of personal details on 2.8 million — and the Department of Defence believes another incident exposed personal data of its personnel, per Australia’s ABC News.
In another collaborative effort announced at the summit, Lithuania will host a Regional Cyber Defense Centre with a fusion cell, where it will “test a scaled version” of the task force, receive data from participating members, and publish reports about ransomware trends — including tools, tactics and procedures — and mitigation steps.
CRI nations also plan to publish joint ransomware advisories, adopt a common framework for identifying which targets to prioritize, and work with the private sector to collaborate on disrupting ransomware operations and sharing information.
Plans for this year also call for creating a toolkit of resources to help members pursue ransomware perpetrators and creating case studies to show countries models for public-private partnerships.
CRI members also turned attention to cryptocurrency. Ransomware criminals often seek payments in this medium because of its anonymity or pseudonymity and the ease of receiving funds across borders. The White House said members would share information about crypto wallets used in laundering ransoms and hold a workshop on countering illicit financing of ransomware. Participants also will work to create and enforce international standards around anti-money laundering (AML) and combating the financing of terrorism (CFT) for the cryptocurrency ecosystem.
THE PARTICIPANTS
According to Yahoo! Finance, government members included the U.S. as well as Australia, Austria, Belgium Brazil, Bulgaria, Canada, Croatia, Czech Republic, Dominican Republic, Estonia, European Commission, France, Germany, India, Ireland, Israel, Italy, Japan, Kenya, Lithuania, Mexico, the Netherlands, New Zealand, Nigeria, Norway, Poland, South Korea, Romania, Singapore, South Africa, Spain, Sweden, Switzerland, Ukraine, United Arab Emirates and Britain.
Private-sector participants, meanwhile, included CrowdStrike, Mandiant, Cyber Threat Alliance, Microsoft, Cybersecurity Coalition, Palo Alto, Flexxon, SAP, Institute for Security and Technology, Siemens, Internet 2.0, Tata Consultancy Services (TCS), and Telefonica.
