Forty countries in a US-led alliance that includes South Africa plan to sign a pledge never to pay ransom to cybercriminals and to work towards eliminating the hackers’ funding mechanism, a senior White House official said on Tuesday.
The International Counter Ransomware Initiative comes as the number of ransomware attacks grows worldwide. The US is by far the worst hit, with 46% of such attacks, Anne Neuberger, US deputy national security adviser in the Joe Biden administration for cyber and emerging technologies, told reporters on a virtual briefing.
“As long as there is money flowing to ransomware criminals, this is a problem that will continue to grow,” she said.
In ransomware attacks, hackers encrypt an organisation’s systems and demand ransom payments in exchange for unlocking them. Often they also steal sensitive data and use it to extort victims and leak it online if the payments are not made.
While hundreds of companies fall victim every year, high-profile US attacks occurred in the last two months at casino operator MGM Resorts International and cleaning products maker Clorox. Both companies have not yet fully recovered from the disruptions.
The new initiatives by the alliance aim to eliminate the criminals’ funding through better information sharing about ransom payment accounts, Neuberger said. Two information-sharing platforms will be created, one by Lithuania and another jointly by Israel and the UAE.
Blacklist
Partner countries will share a blacklist through the US department of treasury that will include information on digital wallets being used to move ransomware payments, Neuberger said.
She added that the effort will use artificial intelligence to analyse blockchains with a view to identifying illicit funds.
Read: SA firms are paying ransomware crooks, despite the risks: Sophos
The volume of crypto payments to ransomware attackers is on track for its second-biggest annual total on record, blockchain analytics firm Chainalysis said in July. — Zeba Siddiqui, (c) 2023 Reuters