Advertisement

White House seeks international cooperation to thwart growing ransomware threat

During the International Counter Ransomware Summit in Washington, participants will discuss how to increase resilience against ransomware.
The White House in Washington, D.C. (Photo by Caroline Purser/Getty Images)

The White House is convening a ransomware summit on Monday to increase global and private sector cooperation to confront a problem that continues to bedevil law enforcement agencies around the world.

The two-day International Counter Ransomware Summit includes leaders from 36 countries and the European Union who will discuss how to bolster resilience against ransomware attacks and thwart the cybercriminals behind them.

“This is really a global problem,” a senior Biden administration official said ahead of the conference in Washington. “We’re seeing the pace and the sophistication of the ransomware attacks increase faster than our resilience and disruption efforts.”

One key factor that continues to fuel the ransomware problem is the fact that some nations such as Russia, which is not included in the summit, freely harbor ransomware actors. The countries participating in the summit are currently finalizing a shared statement that will address how to put pressure on countries harboring cybercriminals, the official said.

Advertisement

The summit, which is in its second year, is scheduled to begin with a threat briefing from Office of the Director of National Intelligence, FBI and the Cybersecurity and Infrastructure Security Agency outlining the current state of the ransomware problem, including a chart that shows 4,000 ransomware attacks over the past 18 months, broken down by sector worldwide.

Since last year’s virtual summit, participants have “worked to increase the resilience of all the partners to disrupt cybercriminals,” including hosting two global threat exercises to prepare nations to respond to ransomware attacks, the senior official said.

Yet, as the senior official noted, the problem only continues to become more challenging, with attacks against school districts, hospitals and other critical services still a common occurrence around the globe. That includes a recent attack that shut down services for members of CommonSpirit Health network, the second largest healthcare network in the U.S.

The official declined to comment on ongoing investigations into the attack but said it “certainly is the reason that we’re redoubling our work,” and pointed to White House discussions with the Department of Health and Human Services about cybersecurity requirements for hospitals.

Over the two days, participants will hear from leaders across the U.S. government including FBI director Christopher Wray, Deputy Secretary of Treasury Walley Adeyemo and Deputy Secretary of State Wendy Sherman.

Advertisement

New this year will also be the participation of 13 private sector companies and organizations: Crowdstrike, Mandiant, Cyber Threat Alliance, Microsoft, Cybersecurity Coalition, Palo Alto, Flexxon, SAP, Institute for Security + Technology, Siemens, Internet 2.0, Tata – TCS and Telefónica.

The Biden administration official said that one item of discussion for the summit will be putting into place information-sharing systems that will make it easier for Counter Ransomware Initiative members to share threat information.

The summit agenda is split between five working groups: resilience led by India and Lithuania, disruption led by Australia, virtual currency led by Singapore and the U.K., public-private partnerships led by Spain and diplomacy led by Germany.

The U.S. will stress the need for ongoing cooperation to thwart the illicit use of cryptocurrency by enacting strong know-your-customer standards globally.

Since the last summit, the Treasury Department has also hosted workshops for participant nations on how to use virtual currency tracing technology. The official pointed to how the U.S. is doubling down on the illicit use of cryptocurrency, including the sanctioning of Tornado Cash, a virtual currency mixer used by DPRK hackers to launder funds.

Advertisement

Other participating nations include Austria, Belgium Brazil, Bulgaria, Canada, Croatia, Czech Republic, the Dominican Republic, Estonia, European Commission, France, Ireland, Israel, Italy, Japan, Kenya, Lithuania, Mexico, the Netherlands, New Zealand, Nigeria, Norway Poland, Republic of Korea, Romania, South Africa, Sweden, Switzerland, Ukraine and United Arab Emirates.

Tonya Riley

Written by Tonya Riley

Tonya Riley covers privacy, surveillance and cryptocurrency for CyberScoop News. She previously wrote the Cybersecurity 202 newsletter for The Washington Post and before that worked as a fellow at Mother Jones magazine. Her work has appeared in Wired, CNBC, Esquire and other outlets. She received a BA in history from Brown University. You can reach Tonya with sensitive tips on Signal at 202-643-0931. PR pitches to Signal will be ignored and should be sent via email.

Latest Podcasts