Representatives from 36 countries and the EU are continuing their work to fight ransomware, and have issued a joint statement after their second International Counter Ransomware Initiative (CRI) Summit, convened by the White House.
Since the first meeting in autumn 2021, the CRI members have been working on five core goals: to increase resilience, disrupt ransomware cartels, counter money laundering, build partnerships with private sector cyber firms, and strengthen international cooperation.
Michael Pezzulo, secretary of the Department of Home Affairs in Australia, said: “It’s a borderless threat, so, therefore, it needs a borderless response.”
No time to wait
In this summit, members stated the importance to join forces, and stressed about the pressing times with rising cyberattacks, and that new strategies and proactive work need to happen now.
“In the midst of this landscape, it is more important than ever that we come together to share what we are seeing through our unique lenses and learn from each other’s best practices,” said US deputy treasury secretary Wally Adeyemo.
“We may approach the challenge of ransomware with a different lens – and in some cases, an entirely different set of tools – but we are all here because we know that ransomware remains a critical threat to victims across the globe and continues to be profitable for bad actors.
“In fact, we know that hackers around the world consider conducting ransomware attacks the most profitable scheme on the internet – more profitable even than selling illegal drugs via darknet markets and stealing and selling stolen credit cards,” Adeyemo added.
Janusz Cieszyński, secretary of state, Government Plenipotentiary for Cyber Security, said: “I’d like to stress that we have no time to spare. I hope we will be able to take the can-do attitude that is in this room back to our home countries and go straight through the legal, security, and all the other teams to make action items from our meeting possible soon.”
Cyber security experts
Like the first meeting, this one also focused on CRI’s five goals. The White House had also invited 13 cybersecurity companies to join the summit, to get their view on how governments should be working to counter ransomware, what the private sector can do, and what can be done together. However, some voices were raised on the need to respect that different countries have different legal authorities and capacities.
Besides working together across borders, the statement also said that they will increase the levels of enforcement by holding ransomware actors ‘accountable for their crimes and not provide them safe haven”. CRI will also “combat ransomware actors’ ability to profit from illicit proceeds by implementing and enforcing anti money laundering and countering the financing of terrorism (AML/CFT) measures, including ‘know your customer'(KYC) rules, for virtual assets and virtual asset service providers.”
“In fact, we know that hackers around the world consider conducting ransomware attacks the most profitable scheme on the internet – more profitable even than selling illegal drugs via darknet markets and stealing and selling stolen credit cards.”
Wally Adeyemo, US deputy treasury secretary
Since the meeting last year, some positive work has already been carried out, including combating the role of cryptocurrency in ransomware in Singapore and the UK, diplomacy work in Germany, and work on public-private partnerships in cyber in Spain.
Apart from continuing working towards their five goals, the members will also support the implementation of the previously endorsed UN framework for responsible state behaviour in cyber space.
CRI members are also planning to establish a voluntary International Counter Ransomware Taskforce (ICRTF) that will be responsible for developing cross-sectoral tools and threat intel exchange, and consolidating policy and best practice guidance. The taskforce will produce reports on ransomware tools, tactics and procedures, and will collaborate with the private sector through an ancillary industry chapter.
Private sector a key player
Most of the participants were united on the importance of working together with the private sector to succeed in the fight against ransomware groups.
Dr. Bernd Pichlmayer, adviser to the federal chancellor at the Federal Chancellery of Austria, said that, “A whole-of-society approach to delivering a deeply needed piece to solve the global ransomware puzzle needs to include predefined interfaces and cooperation with the private sector.”
Jose Montilla Suero, digital vice minister in the Dominican Republic added: “The government cannot achieve our cyber resilience goals alone. The private sector owns and operates much of our nation’s critical infrastructure. There is only one way to defend the state from cyber threats, and that is through government industry and civil society working together, sharing appropriate information, and raising awareness and education as allies behind the same goals.”
Borderless threat
The White House has also issued a fact sheet, stating that the CRI and private-sector partners discussed and developed concrete, cooperative actions to counter the spread and impact of ransomware around the globe.
In the closing remarks, US National Security Advisor Jake Sullivan stressed the importance of international collaboration in tackling the ongoing ransomware crisis. “We’ve been focused on really strengthening collaboration with our partners—doing this in partnership with other countries because any one country solving their cyber problem is not really getting after the root of this problem, which is a network problem that affects all of us.”
“And that’s why in fact this coalition is the largest in the world in terms of a cybersecurity coalition. And the most comprehensive – bringing together countries and companies from all regions of the globe to deter and disrupt these ransomware attacks.”
Vice President Kamala Harris tweeted:
The members of the International Counter Ransomware Initiative (CRI) are: Australia, Austria, Belgium, Brazil, Bulgaria, Canada, Croatia, Czech Republic, Dominican Republic, Estonia, France, Germany, India, Ireland, Israel, Italy, Japan, Kenya, Lithuania, Mexico, the Netherlands, New Zealand, Nigeria, Norway, Poland, Republic of Korea, Romania, Singapore, South Africa, Spain, Sweden, Switzerland, United Arab Emirates, United Kingdom, United States, and Ukraine, and the European Union.