The White House today hosted the first day of a two-day global ransomware summit aimed at thwarting the threat of ransomware.
The International Counter Ransomware Summit includes 36 countries and tech firms such as Microsoft Corp., Siemens AG and Google LLC’s Mandiant. The summit is described by a senior administration official as part of an “international partnership that spans most of the world’s time zones” and “really reflects the threat that criminal and cyberattacks bring.”
The “action-oriented agenda” focuses on five themes: increasing the resilience of all partners, disrupting cyber criminals, countering illicit finance, building private-sector partnerships and strengthening global cooperation to address these challenges. The Resilience Working Group, founded at the first summit last year, is said to have held two threat exercises in 2021 to ensure members could participate and learn from each other to implement best practices against an attack.
The administration also highlighted recent attacks, such as the September ransomware on the Los Angeles Unified School District that disrupted services. Other attacks mentioned include those targeting hospitals in France and the U.K. and what is described as a “significant ransomware attack” that just occurred in Australia.
Discussing the summit, Tom Kellermann, senior vice president of cyber strategy at application security software provider Contrast Security Inc., who also served on the Commission on Cybersecurity under the Obama administration, told SiliconANGLE that the majority of ransomware attacks are carried out by Russian-speaking cartels that have a “Pax Mafioso with the Russian regime.”
“They not only offset economic sanctions but act as cyber militias against western targets during times of geopolitical tension,” Kellerman explained. “We must expand forfeiture laws to allow for the greater seizure of assets being held by cybercriminals.”
In addition, he said, any exchange that doesn’t embrace the tenets of the Financial Action Task Force and is blatantly involved in the laundering of the proceeds of cybercrime should be shut down via cyber means and its assets seized and used for critical infrastructure protection. “Finally, insurers should be banned from making ransomware payments as these payments violate the sanctions imposed on Russia and North Korea,” he said.
Erich Kron, security awareness advocate at security awareness training company KnowBe4 Inc., said it’s no surprise that so many nations continue to band together to deal with the threat of ransomware.
“As the cost of ransoms increase and the complexity of attacks continue to evolve, a collaboration between governments is inevitable,” Kron said. “With some ransomware gangs targeting sectors, such as hospitals, that could lead to the loss of life, the urgency to find a solution for the problem is only heightened.”