In the war against ransomware, we appear to be losing.

Leading up to the recently concluded Second International Counter Ransomware Initiative Summit, a Biden Administration Official said, “So, we’re seeing the pace and the sophistication of the ransomware attacks increasing faster than our resilience and disruption efforts”.

This reality can be seen by the fact that U.S. financial institutions lost nearly $1.2 billion in costs due to ransomware attacks in 2021. This is an almost 200% increase over the previous year, according to data reported by banks to the U.S. Treasury Department.

Given the continued ransomware assault, the White House has outlined a response plan for 2023.

Second International Counter Ransomware Initiative

From October 31 to November 1, the White House convened 36 countries in addition to the E.U. for the Second International Counter Ransomware Initiative (CRI) Summit. During the Summit, the CRI and private sector partners discussed and developed cooperative security strategies. The goal was to deter the spread and impact of ransomware worldwide.

Throughout 2022, the CRI’s efforts against ransomware were carried out by the following working groups:

  • Resilience (co-led by Lithuania and India)
  • Disruption (led by Australia)
  • Counter illicit finance (led by the U.K. and Singapore)
  • Public-private partnership (led by Spain)
  • Diplomacy (led by Germany).

This year’s Summit built upon the working groups’ past experience with new plans for 2023.

Counter Ransomware Initiative Plans for 2023

For next year, the CRI outlined multiple tactics to improve security against the ransomware threat. According to the White House, this will include priorities such as:

  • Establishing an International Counter Ransomware Task Force (ICRTF). The ICRTF will coordinate resilience, disruption, countering illicit finance and information and capability sharing. Australia will lead this effort.
  • Creating a fusion cell at the Regional Cyber Defense Centre (RCDC) in Kaunas, Lithuania. The cell will test a scaled version of the ICRTF and operationalize ransomware-related threat intelligence. The idea is to share technical information about ransomware (tools, tactics and procedures, or TTP) with a broad spectrum of stakeholders.
  • Delivering an investigator’s toolkit. This includes insights and strategies about how to respond to significant ransomware threats. The toolkit will also focus on offensive measures to effectively disrupt threat operations. Subsequently, CRI partners will benefit from the breadth of expertise and technical capability generated by the working groups.
  • Engage with the private sector. Trusted information sharing and coordinated action with the private sector will further improve responses to operational disruption.
  • Publish joint advisories. These will outline TTPs for key identified actors. Joint public advisories will also offer warning and mitigation measures to the international community.
  • Coordinate priority targets. In this case, a unified framework will focus on hard and complex targets. The goal is to create concrete disruption results with law enforcement groups.

Fighting the Ransomware Battle

As ransomware continues to inflict significant damage across the globe, the CRI seeks to improve collaboration and provide tools to help counter the threat. Ransomware protection solutions will continue to evolve to meet organizational needs worldwide.

To fortify your knowledge and defenses against ransomware, IBM Security has published the Definitive Guide to Ransomware 2022.

To schedule a no-cost consult with X-Force, click here.

If you are experiencing cybersecurity issues or an incident, contact X-Force to help: U.S. hotline 1-888-241-9812 | Global hotline (+001) 312-212-8034.

More from News

More School Closings Coast-to-Coast Due to Ransomware

Instead of snow days, students now get cyber days off. Cyberattacks are affecting school districts of all sizes from coast-to-coast. Some schools even completely shut down due to the attacks. The federal government recently warned that K-12 schools face a growing threat from cyber groups. According to the FBI, school districts often have limited cybersecurity protections, which makes them even more vulnerable. The FBI also says it anticipates the number of threats to increase. In a recent warning, the nation’s…

Hackers are Increasingly Targeting Auto Dealers

Auto dealerships are increasingly concerned with cybersecurity in the face of new regulations and an alarming rise in cyberattacks. The Second Annual Global State of Cybersecurity Report by CDK Global found that 85% of dealerships say cybersecurity is very or extremely important relative to other operational areas. Additionally, 89% say cybersecurity is more important than last year, a 12% increase. Not surprisingly, only 37% of auto retailers are confident in the current protection, which is a 21% decrease from 2021.…

LastPass Breaches Cast Doubt on Password Manager Safety

In 2022, LastPass suffered a string of security breaches which sparked concern among cyber professionals and those impacted by the intrusions. Some called into question the way LastPass handled and responded to the incident. In addition, the situation ignited a wider conversation about the risks linked to utilizing password managers. A password manager helps users generate strong passwords and safeguards them within a digital locker. A master password secures all data, which enables users to conveniently access all their passwords…

Good Guys Decrypt Ransomware Targeting Charitable Groups

Imagine you’re an IT manager amid a ransomware attack. While your team scrambles for solutions, the intruders demand a ransom. Of course, you don’t want to pay; you just want your files back. But as time ticks by and the extortionists turn up the heat, your bosses are about to give in and pay the ransom. But then, the FBI calls. “Don’t pay,” the agent says. “We’ve found someone who can crack the encryption.” Sound too good to be true?…