WASHINGTON - Just as the Biden administration hoped when it scheduled this month’s 30-nation meeting on ransomware and cyber security, the attendees have resolved to fight the issue together.
The White House facilitated meetings on Wednesday and Thursday that brought together representatives from countries on every continent. These countries released a joint statement on Thursday calling ransomware "an escalating global security threat with serious economic and security consequences."
Russia was notably absent from this week’s conference. Russian hackers have been responsible for several ransomware attacks.
Since President Joe Biden raised the issue directly with Russian President Vladimir Putin this summer in a summit and a later phone call, there have been "candid discussions" about cybercriminals operating within Russia's borders, the official said.
Ransomware is a type of malware where one party threatens to publish or block access to the victim’s data unless they receive a ransom.
Some ransomware attacks can be easily undone by an IT professional. But cryptovirology is much harder to reverse as it involves encrypting the victim’s data. Without a decryption key, the data may be lost.
"From malign operations against local health providers that endanger patient care, to those directed at businesses that limit their ability to provide fuel, groceries, or other goods to the public, ransomware poses a significant risk to critical infrastructure, essential services, public safety, consumer protection and privacy, and economic prosperity," the joint statement said. "As with other cyber threats, the threat of ransomware is complex and global in nature and requires a shared response."
To improve cybersecurity, the countries committed to improving network resilience to prevent incidents when possible and to respond effectively when incidents do occur.
Network resilience involves technical capabilities, but it includes many cybersecurity best practices that can reduce the chances of threats.
"These basic steps include maintaining offline data backups, use of strong passwords and multi-factor authentication, ensuring software patches are up to date, and education against clicking suspicious links or opening untrusted documents," the joint statement read.
Each country plans to address the abuse of financial mechanisms to launder ransom payments or conduct other activities that make ransomware profitable.
The group pledged to enhance its efforts to disrupt the ransomware business model and money-laundering activities through anti-money laundering frameworks and mitigating risks associated with virtual asset service providers.
"We will also seek out ways to cooperate with the virtual asset industry to enhance ransomware-related information sharing," the statement said.
Finally, the group agreed to disrupt the ransomware ecosystem via law enforcement collaboration to investigate and prosecute ransomware actors, addressing safe havens for ransomware criminals, and continued diplomatic engagement.
"Ransomware criminal activity is often transnational in nature, and requires timely and consistent collaboration across law enforcement, national security authorities, cybersecurity agencies, and financial intelligence units," the statement said.
This story was reported from Atlanta. The Associated Press contributed to this report.