The members of the International Counter Ransomware Initiative (CRI) have agreement a joint policy statement declaring that member governments should not pay ransoms demanded by cybercriminal groups. The agreement was announced during the third CRI summit in Washington, D.C this week.\n\nCRI members affirmed the importance of strong and aligned messaging discouraging paying ransomware demands and leading by example, endorsing a statement that relevant institutions should not pay ransomware extortion demands. Members also agreed to the creation of a shared blacklist of wallets through the US Department of the Treasury\u2019s pledge to share data on illicit wallets used by ransomware actors. The 50 members of the CRI include Australia, Canada, India, the UK, and the US as well as the European Union (EU) and INTERPOL.\n\nThe debate around whether it is ever right to pay ransoms in the wake of a ransomware attack in a contentious one. On the one hand, it can be seen as funding malicious activity without any guarantee than payments will see stolen or encrypted data returned to victims. On the other, it may be considered a victim\u2019s only feasible option to maintain operations by regaining access to information and systems.\n\nLast year, the UK\u2019s National Cyber Security Centre (NCSC) and data protection regulator the Information Commissioner\u2019s Office (ICO) issued a joint letter to the Law Society urging lawyers to warn their clients against paying cybercrime ransoms. The guidance followed a rise in ransomware payments being made by businesses and emphasized the stance of both the NCSC and ICO that payment of a ransom will not keep data safe or be viewed as mitigation.\n\nCRI members commit to building collective resilience to ransomware\n\nDuring the third CRI gathering, members reaffirmed a joint commitment to building a collective resilience to ransomware, cooperating to undercut the viability of ransomware and pursuing the actors responsible, countering illicit finance that underpins the ransomware ecosystem, working with the private sector to defend against ransomware attacks, and continuing to cooperate internationally across all elements of the ransomware threat, read a White House statement.\n\nMembers will work toward attaining a comprehensive understanding of the ransomware threat by sharing information and exchanging knowledge through virtual seminars and labs, with plans to create and share resources to build national counter-ransomware capacity, working to develop practical tools for governments to prevent, respond to, and recover from ransomware attacks, it added.\n\nThe ICR Task Force \u2013 established at least year\u2019s meeting \u2013 will also continue to support transnational operations conducted by its members and collaborate with industry to target disruptive activities at key components of ransomware ecosystem, in recognition that ransomware is a cross-border and cross-sectoral threat that necessitates close collaboration across governments and sectors to be effectively combatted, the statement continued.