An international coalition is making strides towards thwarting ransomware attackers and preventing them from receiving payments. The effort is being led by the Counter-Ransomware Initiative, which is finalizing a groundbreaking policy statement, declaring that member governments will not pay ransoms, according to Anne Neuberger, the White House deputy national security adviser for cyber and emerging technologies.
This initiative is expected to garner support from nearly 50 countries during its annual meeting this week. A key element of the plan involves the creation of a “blacklist of wallets” by the U.S. Department of Treasury, which will share data with participating nations regarding entities facilitating financial transactions for criminally-linked organizations. This data will enable countries to take action against such service providers, including freezing transactions.
Additionally, the international coalition is committed to providing assistance to Counter Ransomware Initiative members in the event of a major incident that disrupts essential services required for daily life, such as transportation, water, energy, and communications.
Established in 2021, this international effort recently welcomed Interpol and 13 additional countries, expanding its initial membership of 30 countries and the European Union. The United States remains one of the primary targets for cyberattacks, with 46 percent of global cyberattacks directed towards American entities. These attacks have resulted in disruptions ranging from product availability issues for companies like Clorox to the exposure of sensitive information from Minneapolis Public Schools students on the dark web.
Anne Neuberger emphasized the significance of cutting off the financial flow to ransomware criminals, asserting that as long as these criminals receive payments, the problem will persist and grow.
This move comes as defense contractor Boeing faces allegations of a compromise by the cybercrime organization Lockbit. Boeing is currently assessing the claim made by the organization. Meanwhile, the Pentagon, which has dealt with its own cyberattacks, is actively working on a strategy to help its contractors identify the critical assets that need protection and establish procedures for responding to and recovering from intrusions.
