Ransomware meeting highlights: Commitments to dismantle secure hideouts, illegal fund transfers

In a significant move against the growing menace of ransomware attacks, a joint action plan was announced at the conclusion of a 30-nation virtual summit hosted by the Biden administration. The summit, which included the United States, United Kingdom, European Union member states, and other countries committed to international cybersecurity cooperation, aims to enhance collaboration in intelligence sharing, ransomware group investigation and prosecution, tracking and disrupting illegal transfers and money laundering, and diplomatic efforts to eliminate safe havens for these criminals.

One of the key organisations under scrutiny is the BlackMatter, which is said to have strong ties to the DarkSide organisation. Reports suggest that at least one of the recent ransomware attacks on the U.S. agricultural and food supply business has been linked to the BlackMatter organisation.

Corporate stakeholders are expressing concern about understanding the risk calculus of their technology stacks, specifically whether they are potential targets. Steve Turner, an analyst of security and risk at Forrester, emphasises that collaboration and cooperation are key to defending against destructive threats such as ransomware.

The meeting may further isolate ransomware havens like Russia and China. The Biden administration enacted a number of sanctions against Russia in April in response to the SolarWinds campaign, Russian interference in the 2020 election, and other geopolitical disputes. President Joe Biden personally confronted Russian President Vladimir Putin after the Colonial Pipeline and JBS USA ransomware incidents.

Addressing cyber issues, including ransomware criminals, has been consistently high on the agenda with the Russian Federation for the State Department. Under Secretary [Victoria] Nuland's discussions with Russian counterparts would center on staffing of US missions in Russia but also address a broad range of bilateral issues.

Getting non-traditional participants like India, Romania, and Ukraine, lined up as partners in the anti-ransomware fight is a good first step, according to Jamil Jaffer, SVP at IronNet. He also emphasised the need for concrete steps on the commitments made at the ransomware summit and a renewed effort to bring together U.S. and allied companies, industries, and governments in a collective defense framework.

The joint call to action aims to gather worldwide support to crack down on malicious cyber activity and the illicit use of cryptocurrency. The proliferation of ransomware linked to Russia-backed threat actors has allowed the Kremlin the ability to indirectly target key U.S. industries.

The joint statement was issued by ministers and national representatives from participating countries, promising to collaborate on intelligence sharing, investigation and prosecution of ransomware gangs, tracing and disruption of illegal funds transfer, and diplomatic efforts to root out safe havens for such criminals. Some experts are calling for more robust, open, and direct countermeasures to deter rogue nation states from using cybercriminals as geopolitical proxies.

In conclusion, the international community is taking a united stand against the growing threat of ransomware attacks. The collaboration and cooperation among countries, industries, and governments are crucial in defending against these destructive threats and ensuring the safety and security of critical infrastructure.

Ransomware meeting highlights: Commitments to dismantle secure hideouts, illegal fund transfers