Ransomware is an escalating global cybersecurity threat with “serious economic and security consequences”, said a group of 30 countries in a joint statement on Thursday after a key virtual meeting hosted by the US. India, Germany, Australia and the UK played a leading role in organising the two-day talks.
The joint statement on cybersecurity said governments “recognise the need for urgent action, common priorities and complementary efforts to reduce the risk of ransomware”.
The participating countries also said efforts will be made to improve network resilience; address the abuse of financial mechanisms to launder ransom payments or conduct other activities that make ransomware profitable; and to disrupt the ransomware ecosystem via law enforcement collaboration and diplomatic engagement.
On the need to show resilience against ransomware attacks – the discussions on which were led by India at the summit on cybersecurity – the statement said efforts will be made to address it not just as a technical issue but as one that “requires effective policy frameworks, appropriate resources, clear governance structures, transparent incident response procedures, a ready workforce, partnership with the private sector, and consistently enforced legal and regulatory regimes”.
On countering illicit finance – discussion on which were led by the UK – the statement said efforts focus on “enhanced international cooperation to inhibit, trace and interdict ransomware payment flows, consistent with national laws and regulations, which will drive down economic incentives for ransomware actors”.
On disrupting the ransomware ecosystem through law enforcement – a subject was anchored by Australia – the participating countries said the focus will be on “timely and consistent collaboration across law enforcement, national security authorities, cybersecurity agencies and financial intelligence”.
And on diplomacy – the cybersecurity discussions on which were led by Germany – the countries resolved to leverage “diplomacy through coordination of action in response to states whenever they do not address the activities of cybercriminals”.
Other governments that participated in the cybersecurity initiative, apart from the EU bloc, are Brazil, Bulgaria, Canada, Czech Republic, Dominican Republic, Estonia, France, Ireland, Israel, Italy, Japan, Kenya, Lithuania, Mexico, the Netherlands, New Zealand, Nigeria, Poland, South Korea, Romania, Singapore, South Africa, Sweden, Switzerland, Ukraine and the UAE.
