Representatives of over 30 nations to coordinate actions against ransomware
18 October 2021
On 14 October 2021, the White House brought together the representatives of more than 30 national governments to address the transnational nature of the threat posed by ransomware attacks. The meeting resulted in a joint statement on the priorities and urgent steps that governments agreed to take in order to reduce the disruptive effects of ransomware.
Ministers and representatives of the participating governments met virtually on 13-14 October 2021 to discuss a consolidated approach to the increasing cyber threat posed by ransomware attacks. It is noteworthy that the representatives agreed to use diplomacy to tackle challenges presented by ransomware.
The key steps set out in the joint statement include:
- improving network resilience to prevent and respond to ransomware incidents. Activities include establishment of effective policy frameworks, governance structures and incident response procedures, as well as promoting the implementation of cybersecurity best practices. Participating governments committed to sharing lessons learned and best practices for addressing ransom payments, stepping up information sharing efforts and exploring the options for accountability of senior leaders for effective cybersecurity decision-making;
- addressing the abuse of financial mechanisms to launder ransom payments or conduct other activities that make ransomware profitable. Envisaged international cooperation will aim at inhibiting, tracing and intercepting ransomware payment flows and disrupting the ransomware business model and related money-laundering activities. This may include common activities on facilitating customer due diligence, reporting of suspicious activity and transaction monitoring. Governments will also seek cooperation with the virtual asset industry to improve information sharing about ransomware; and
- disrupting the ransomware ecosystem via timely and consistent collaboration (both domestic and international) of law enforcement to investigate and prosecute ransomware crimes. Such collaboration may also be pursued alongside diplomatic channels. Participating governments will also take active steps to address safe havens for ransomware criminals, including by sharing information and providing requested assistance to combat ransomware activity.
Among the nations that signed the joint statement are the US, EU (and some individual EU member states, e.g. France, Germany, Netherlands, Italy, Estonia), the UK, Australia, Japan, Singapore, Canada, Israel, Brazil, South Africa and Nigeria.