Representatives from 36 countries and the EU agree that combatting ransomware requires international collaboration but legal systems need to catch up. Credit: Thinkstock The US White House this week convened its Second International Counter Ransomware Initiative Summit (CRI), bringing together leaders from 36 countries and the European Union in person to build on the work of its first ransomware summit in 2021. At a press briefing before the Summit, a White House spokesperson said, “While the United States is facilitating this meeting, we don’t view this solely as a US initiative. It’s an international partnership that spans most of the world’s time zones, and it really reflects the threat that criminals and cyberattacks bring.”Later, the White House issued a fact sheet stating that throughout the summit, CRI and private-sector partners discussed and developed concrete, cooperative actions to counter the spread and impact of ransomware around the globe. In closing remarks at the summit, US National Security Advisor Jake Sullivan stressed the importance of international collaboration in tackling the ongoing ransomware crisis. “We’ve been focused on really strengthening collaboration with our partners—doing this in partnership with other countries because any one country solving their cyber problem is not really getting after the root of this problem, which is a network problem that affects all of us,” he said.In addition to the 37 countries, 13 companies and organizations participated in this year’s CRI including Crowdstrike, Mandiant, Cyber Threat Alliance, Microsoft, Cybersecurity Coalition, Palo Alto Networks, Flexxon, SAP, Institute for Security + Technology, Siemens, Internet 2.0, Tata – TCS, and Telefonica. The Summit participants were divided into five working groups focused on resilience, disrupting bad actors, countering illicit cryptocurrency movements, bringing diplomatic pressure on bad actors, and establishing public-private partnerships.Borderless threats call for a borderless responseSeveral common themes emerged at the summit’s closing session. First, all the country participants appreciated the Biden administration hosting the CRI and, like Sullivan, emphasized the critical role international collaboration needs to play in defeating ransomware. Michael Pezzulo, secretary of the Department of Home Affairs in Australia, said, “It’s a borderless threat, so, therefore, it needs a borderless response.” “I am so grateful that this group is a global group, at least with a global reach and global ambition,” Tanel Sepp, Estonia’s ambassador at large for cyber diplomacy, said. “We are all sharing the same challenge, and we need the same solutions.”Lt. Gen Rajesh Pant, national cyber security coordinator at the National Security Council Secretariat of India, said, “The exponential growth of ransomware attacks worldwide has underscored the need for global and regional cooperation in both mitigating the attacks as well as devising internationally accepted policies and procedures to attribute and disrupt the threat actors.” David Koh, commissioner of cybersecurity and chief executive of the Cyber Security Agency (CSA) of Singapore, said, “Ransomware is a common threat to our respective countries, companies, and citizens. It poses economic, social, and even national security harm to us. Interestingly, we are all facing a common threat. The bad guys are out there. We are all on the same side. This is an area where countries from a wide political spectrum can find common cause and work together collaboratively.”Carl Fredrik Wettermark, the senior cyber policy advisor in the Swedish Ministry for Foreign Affairs, said that when the Kaseya supply chain attack hit in 2021, he was on an island in the Stockholm archipelago. “I had two thoughts when that happened: One was I would not be able to get food because there was only one store on the island. And that was very unfortunate, and it made me very sad. My second thought, though, was that if a cyberattack on a company in Miami is preventing me from getting meatballs and herring for my kids on a remote island in Sweden, I’m really living in a very interconnected world.”Ransomware threatens societies and national securityAnother common theme of the summit is that ransomware has risen over the past five years from a petty money-making criminal enterprise to become an existential threat to all nations’ social functioning and national security. “Ransomware is a growing national security threat in Canada, Patricia Geddes, associate deputy minister of public safety in Canada, said. “It compromises the safety of Canadian citizens, the security of their online environment, and the prosperity of our economy.”Pavel Stepanik of the Czech Republic said that “Ransomware is a national security imperative. We can no longer see ransomware as a type of organized crime carried out by non-state actors.” Touching on the glaring absence from the summit of Russia, which tolerates and by all accounts encourages ransomware actors within its borders, Stepanik added, “Cybercriminals very often act in close coordination and on behalf of states including Russia. Ransomware has become a great source of illicit profit for authoritarian regimes, and we must work together to counter this threat.”Richard Browne, director of the National Cyber Security Centre in Ireland, said that “everybody knows that ransomware has grown from a nuisance issue to being a real proximate risk to national security and our future prosperity. And that kind of crosscutting dynamic international problem requires a global response.”Legal clarifications for borderless response to ransomware are neededSeveral participants raised the need to respect that different nations have different legal authorities governing how far they can work with other countries. “We need to respect the fact that we have different legal authorities and capacities,” Australia’s Pezzulo said. “I think we’ve worked through those issues very well [during the CRI] and got to a good equilibrium that balances the need for an aggressive borderless response, but one that respects the equities of national jurisdictions.” “We have started to think how to solve the international legal issue so we can get the attackers in cyberspace and not in legal space,” Aviram Atzaba, executive director of strategy and international cooperation at Israel National Cyber Directorate, said.Janusz Cieszyński, secretary of state, Government Plenipotentiary for Cyber Security, said, “I’d like to stress that we have no time to spare. I hope we will be able to take the can-do attitude that is in this room back to our home countries and go straight through the legal, security, and all the other teams to make action items from our meeting possible soon.”“Our commitment must be a long-term one and must include the development of capacities of the legal framework and common tactical, operational, and policy approaches,” Iulian Fota, director general at the Romanian Diplomatic Institute, said.The private sector is a key player Most of the participants say that any strategy to combat ransomware requires the participation of the private sector to succeed. Dr. Bernd Pichlmayer, advisor to the federal chancellor at the Federal Chancellery of Austria, said that “A whole-of-society approach to delivering a deeply needed piece to solve the global ransomware puzzle needs to include predefined interfaces and cooperation with the private sector.” Jose Montilla Suero, digital vice minister in the Dominican Republic, said, “the government cannot achieve our cyber resilience goals alone. The private sector owns and operates much of our nation’s critical infrastructure. There is only one way to defend the state from cyber threats, and that is through government industry and civil society working together, sharing appropriate information, and raising awareness and education as allies behind the same goals.” Related content news Multibillion-dollar cybersecurity training market fails to fix the supply-demand imbalance Despite money pouring into programs around the world, training organizations have not managed to ensure employment for professionals, while entry-level professionals are finding it hard to land a job By Samira Sarraf Oct 02, 2023 6 mins CSO and CISO CSO and CISO CSO and CISO news Royal family’s website suffers Russia-linked cyberattack Pro-Russian hacker group KillNet took responsibility for the attack days after King Charles condemned the invasion of Ukraine. By Michael Hill Oct 02, 2023 2 mins DDoS Cyberattacks feature 10 things you should know about navigating the dark web A lot can be found in the shadows of the internet from sensitive stolen data to attack tools for sale, the dark web is a trove of risks for enterprises. Here are a few things to know and navigate safely. By Rosalyn Page Oct 02, 2023 13 mins Cybercrime Security news ShadowSyndicate Cybercrime gang has used 7 ransomware families over the past year Researchers from Group-IB believe it's likely the group is an independent affiliate working for multiple ransomware-as-a-service operations By Lucian Constantin Oct 02, 2023 4 mins Hacker Groups Ransomware Cybercrime Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe