The countries involved in the two-day ransomware summit[1] led by the US have released a joint statement[2] pledging to make systems more resilient against attack and outlining measures that will be taken to disrupt the criminal groups involved.
The summit included representatives from the US, Australia, Brazil, Bulgaria, Canada, the Czech Republic, the Dominican Republic, Estonia, the European Union, France, Germany, India, Ireland, Israel, Italy, Japan, Kenya, Lithuania, Mexico, the Netherlands, New Zealand, Nigeria, Poland, South Korea, Romania, Singapore, South Africa, Sweden, Switzerland, Ukraine, the UAE, and the United Kingdom.
All of the countries agreed that ransomware is an "escalating global security threat with serious economic and security consequences." The countries reiterated that ransomware requires a "shared response" because of how complex and global the issue is.
"Efforts will include improving network resilience to prevent incidents when possible and respond effectively when incidents do occur; addressing the abuse of financial mechanisms to launder ransom payments or conduct other activities that make ransomware profitable; and disrupting the ransomware ecosystem via law enforcement collaboration to investigate and prosecute ransomware actors, addressing safe havens for ransomware criminals, and continued diplomatic engagement," the statement said.
The countries pledged to make systems more resilient through policy measures, more resources, clear governance structures, well-rehearsed incident response procedures, trained workers, and private sector partnerships.
They urged organizations to maintain offline data backups, require timely patches, and use MFA as well as stronger passwords.
Nations should also "consider" frameworks that promote information sharing between ransomware victims and local cyber emergency response teams.
The statement mentioned other ways to limit the effectiveness of ransomware gangs, including the disruption of payment networks. Through international cooperation, the countries said they planned to "inhibit, trace, and interdict ransomware payment flows, consistent with national laws and regulations."
"Taking action