The US and Its Allies Are Pledging Never to Pay Hacker Ransoms The Messenger
pThe Biden administration and dozens of foreign allies will pledge this week never to pay ransoms to hackers who lock up their national governments computer systems hoping to discourage financially motivated cyber criminals from seeing those systems as attractive ransomware targetsppThe joint promise will occur as part of the third annual meeting of the International CounterRansomware Initiative which includes 48 countries the European Union and Interpol the global police agency Members are convening Wednesday and Thursday in Washington to approve new activities meant to make ransomware less profitable and therefore less prevalentppRansomware is an issue that knows no borders Anne Neuberger the White Houses deputy national security adviser for cyber and emerging technology told reporters during a briefing on Monday And as long as theres money flowing to ransomware criminals the problem will continue to growppBut despite the obvious economic rationale for the pledge not to pay ransoms the Biden administration has found it difficult to get every member of the initiative to sign the vow This was a really big lift and were still kind of in the final throes of getting every last member to sign but were pretty much there said a senior administration official who spoke on the condition of anonymity to discuss details of the antiransomware groups workppIn addition to fueling the global ransomware epidemic paying a ransom doesnt guarantee that the attacker will relinquish control of the victims files cybersecurity experts and government officials frequently warn Data provided to the US government by ransomware negotiators shows that companies with good backups are able to recover far more quickly than companies that pay a ransom according to the senior administration officialppThe CounterRansomware Initiatives latest meeting comes at a critical moment for the global war on ransomware In the past few years digital extortion attacks have crippled Costa Rican and Kenyan government services paralyzed Polish and Ukrainian transportation networks and disrupted the British postal system In the US ransomware has snarled operations at major casino chains hospital groups manufacturing firms and public school systemsppGovernments are taking notice Ransomware is top of mind here in the White House as well as whenever I talk to counterparts around the world the senior administration official told reportersppBeyond the noransoms pledge the CounterRansomware Initiative is taking several steps designed to improve its members ability to fight back against these attacksppMembers of the initiative will use artificial intelligence to analyze blockchains immutable digital ledgers of payment activity to help identify ransomware payments flowing through cryptocurrency platforms They will also maintain a shared blacklist of ransomware gangs cryptocurrency wallets making it easier for members to identify illicit payment flows and alert their domestic cryptocurrency firms to block or freeze those transactions And members will pledge to help each other respond to any ransomware attacks affecting government agencies or vital sectors like health care energy and communicationsppIn addition two new information sharing platforms will help members quickly share data about ransomware operators their tools and their techniques so that an attack on one member can be turned into defensive insights that other members can use to protect themselves Lithuania is operating one of the platforms while Israel and the United Arab Emirates are jointly running the other one The senior administration official said the two platforms serve different purposes and that the US was encouraging all members of the initiative to use whichever platform is more comfortable for that country The US hopes to see each country sharing at least one piece of threat information every weekppIn the past the CounterRansomware Initiative has given the US and its allies valuable experience working together to fight digital extortion according to the senior administration official This progress has been most evident in international collaborations to take down ransomware gangs computer systems Learning from each other on how to do disruptions and expanding the set of countries involved in those has been a key area of growth for the initiative the official saidppAs the initiative enters a new phase its focus will shift to increasing pressure on Russia and other countries that support or turn a blind eye to ransomware hackers The groups agenda for the next year will consist of raising awareness of where these hackers operate where theyre able to rent or steal access to computer servers and how to implement accountability on that according to the senior administration officialppThe biggest antagonists in cyberspace Russia China Iran and North Korea arent members of the initiative and have repeatedly ignored US pleas to stamp out malicious cyber activity emanating from within their borders There is no clear plan for getting them to crack down on cybercrime ppBut hackers often use computer servers based in other countries including US allies like Germany and Sweden and the White House is hoping that members of the initiative which Neuberger called the largest cyber partnership in the world will be receptive to their fellow members requests to shut down those servers when necessaryppWhen theyre responsive to other countries requests to take down infrastructure thats supporting criminal actors the senior administration official said other countries will be responsive to their requests as wellp