More than 30 nations discussed tactics for collaborating in the fight against ransomware, but it competes with a Russian-led UN initiative. Credit: Thinkstock The White House’s Counter-Ransomware Initiative event, facilitated by the National Security Council (NSC), concluded two days of public-facing and closed-door sessions. Present were ministers and representatives from more than 30 countries and the European Union.Interestingly, Russia, the country where cybercriminals apparently enjoy safe harbor from which to launch malware, including ransomware attacks against non-Russian targets, was excluded from the meeting. The White House noted it fully expects Russia to “address ransomware criminal activity coming from actors within Russia” and that the Experts Group has had “frank and professional exchanges” and “We (United States) have shared information with Russia regarding criminal ransomware activity being conducted from its territory.”That is not to say that Russia isn’t trying to get a seat at the table of global discussion on cybersecurity. Russia is attempting to shape the global discussion and is leading the effort within the United Nations to organize a cybercrime treaty, pushing through a resolution in May 2021 calling for the Ad Hoc Committee to organize six ten-day sessions on the topic to begin in January 2022. Collaborate to disrupt ransomware The two-day meeting, which was announced by President Joe Biden within his statement on Cybersecurity Awareness Month, highlighted the importance of “bringing the full strength of our capabilities to disrupt malicious cyber activity.” Of particular note, especially for CISOs, was the purpose of international engagement, designed to accelerate “cooperation on improving network resilience, addressing the financial systems that make ransomware profitable, disrupting the ransomware ecosystem via law enforcement collaboration, and leveraging the tools of diplomacy to address safe harbors and improve partner capacity.”The four areas of import were identified as: Disrupt ransomware infrastructure and actorsBolster resilience to withstand ransomware attacksAddress the abuse of virtual currency to launder ransom paymentsLeverage international cooperation to disrupt the ransomware ecosystem and address safe harbors for ransomware criminalsThe countries worked through six sessions, which began with a plenary (open to the press).The virtual event concluded with a joint statement from the participating countries. In the statement the “governments recognize the need for urgent action.” It also provided a roadmap for the areas of importance, which CISOs will find heartening, and identified the challenges ahead.Resilience: This is more than technology, policy, frameworks, resources, governance, rehearsed incident response, trained and ready workforce, and public-private partnership. The participants are “dedicated to working together and with the private sector to promote improvements in basic cyber hygiene,” and sharing among CERTS.Countering illicit finance: This includes actions to “drive down economic incentives for ransomware actors” and “enhance the capacity of our national authorities, to include regulators, financial intelligence units, and law enforcement to regulate, supervise, investigate, and take action against virtual asset exploitation.”Disruption and other law enforcement efforts: Degrade and hold accountable criminals and enable timely cooperation among intelligence, law enforcement, cybersecurity, et al working together to disrupt and destabilize criminal operations.Diplomacy: Create rules-based behavior to address operations taking place from a nation’s footprint and coordinate action to counter states that take no action to address cybercriminals. Use diplomacy to share approaches to capacity building.Upon the conclusion of the event, Deputy National Security Advisor for Cyber and Emerging Technology, Anne Neuberger said, “There can be moments of extreme difficulty in our work to improve resiliency and fight cybercrime. It will be important moving forward to recall this moment of partnership and that no one country is ever truly alone in the fight against ransomware.” While Dr. Ivana Stradner, Jeanne Kirkpatrick visiting research fellow at the American Enterprise Institute noted, “This meeting is a step in the right direction. However, combatting ransomware requires not only strong cyber defense but also forceful offensive cyber capabilities. Only a few EU member states possess offensive capabilities, which might be problematic for the transatlantic cyber partnership.” She also cautioned how this effort, may find itself heading into a collision course with the UN’s effort at creating a cybercrime treaty, especially regarding the “rules of the road”, as the UN effort is being led by Russia.Simon Hunt, executive vice president for cyber production innovation at MasterCard, sums it up nicely for CISOs: “Don’t forget, ransomware is just another name for malware. All the things you do to protect your company from viruses, etc., protect you from ransomware.” Related content news CISA, FBI urge developers to patch path traversal bugs before shipping The advisory highlights how developers can follow best practices to fix these vulnerabilities during production. By Shweta Sharma May 03, 2024 3 mins Vulnerabilities news Microsoft continues to add, shuffle security execs in the wake of security incidents The company has appointed new product security chiefs as well as a customer-facing CISO as it continues to respond to high-profile attacks on its products and own network. By Elizabeth Montalbano May 03, 2024 4 mins CSO and CISO feature Malware explained: How to prevent, detect and recover from it What are the types of malware? How does malware spread? How do you know if you’re infected? We've got answers. By Josh Fruhlinger May 03, 2024 18 mins Ransomware Phishing Malware brandpost Sponsored by Cyber NewsWire LayerX Security Raises $26M for its Browser Security Platform, Enabling Employees to Work Securely from Any Browser, Anywhere Early adoption by Fortune 100 companies worldwide, LayerX already secures more users than any other browser security solution and enables unmatched security, performance and experience By Cyber NewsWire May 02, 2024 4 mins Cyberattacks Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe