World leaders recognize ransomware attacks as ‘global security threat’

Government cybersecurity leaders from the United States and more than 30 countries on Thursday formally recognized ransomware attacks as an “escalating global security threat,” and pledged greater cooperation and diplomacy in fighting against these incidents. 

“Ransomware is an escalating global security threat with serious economic and security consequences,” the leaders wrote in a joint statement released Thursday. 

The recognition came at the end of the two-day Counter Ransomware Initiative meeting hosted by the White House to help tackle the increasing ransomware attacks against critical organizations around the world, including some in the U.S. this year such as Colonial Pipeline and JBS USA. 

“As with other cyber threats, the threat of ransomware is complex and global in nature and requires a shared response,” the leaders wrote. “A nation’s ability to effectively prevent, detect, mitigate and respond to threats from ransomware will depend, in part, on the capacity, cooperation, and resilience of global partners, the private sector, civil society, and the general public.”

“Governments recognize the need for urgent action, common priorities, and complementary efforts to reduce the risk of ransomware,” the leaders stressed.

The nations pledged to try to address “safe haven” countries where malicious actors are able to operate, do more to “address the abuse” of the use of virtual currency exchanges for victims to make ransomware attack payments, continue diplomatic efforts to counter ransomware attacks and prioritize law enforcement collaboration to disrupt the threat ecosystem. 

Ministers and representatives from the U.S., Australia, Brazil, Bulgaria, Canada, the Czech Republic, the Dominican Republic, Estonia, the European Union, France, Germany, India, Ireland, Israel, Italy, Japan, Kenya, Lithuania, Mexico, the Netherlands, New Zealand, Nigeria, Poland, South Korea, Romania, Singapore, South Africa, Sweden, Switzerland, Ukraine, the United Arab Emirates and the United Kingdom participated. 

The two-day meeting featured sessions on resilience, disruption, virtual currency and diplomacy, with the U.S., Australia, Germany, India, and the United Kingdom leading various sessions. 

Notably, the Biden administration did not invite Russia to participate in the meeting, with a senior administration official telling reporters prior to the meeting that this was due to “various constraints.” Russian-based cybercriminals have been tied to multiple high-profile ransomware attacks this year, and President Biden urged Russian President Vladimir Putin in June to crack down on these groups. 

The meeting was mostly closed to the press, but kicked off with an open plenary session on Wednesday morning in which multiple leaders underlined the threat of ransomware, including leaders from Ireland, Israel and the Czech Republic, where attacks on hospitals have wreaked havoc. 

Prior to the meeting, the Biden administration had already taken a range of actions to address ransomware attacks, including the Justice Department standing up a ransomware task force in April, and the Department of Homeland Security making fighting these attacks one of its top priorities.