Forty Countries Agree Not to Pay Cybercrime Ransoms

Written by

Dozens of US allies have signed an agreement never to pay digital extortionists, in a sign of the growing impact ransomware is having on their national security and economies.

The pledge was made at the second annual meeting of the International Counter Ransomware Initiative and reported by attendant media, although there is no official word yet from the White House.

“As long as there is money flowing to ransomware criminals, this is a problem that will continue to grow,” deputy national security advisor, Anne Neuberger, is reported as saying.

It is unclear how the pledge would work in practice, but if translated into local law or regulation it could force organizations to adopt industry best practices, according to AppOmni researcher, Joseph Thacker.

“The goals are ambitious. Many countries and companies that get hit with ransomware don’t have the backups to survive without paying the ransom,” he explained.

“A pledge like this would force their hand, however, and there are high quality backup solutions today which can be deployed quickly and easily.”

Read more on ransomware initiatives: CISA Unveils Ransomware Notification Initiative

Also at the White House meeting, attendee nations pledged to disrupt the mechanisms by which threat actors are able to receive payment from their victims, according to Reuters.

This will include creating better information-sharing platforms about crypto payment accounts used by the ransomware actors and more rigorous AI analysis of blockchain payment flows to identify illicit funds.

The US Treasury Department will circulate a blacklist of digital wallets used by threat actors, while two separate information-sharing platforms will apparently be launched, one by Lithuanian authorities and one by the UAE/Israel.

According to a blockchain activity analysis by Chainalysis, ransomware is on track to have one of its biggest years to date. Threat actors extorted at least $449m from January to June 2023, $176m more than the same period in 2022, the firm said.

What’s hot on Infosecurity Magazine?