What world governments are doing about the spike in ransomware attacks

What world governments are doing about the spike in ransomware attacks
A man types on a computer keyboard in this illustration picture taken February 28, 2013. REUTERS/Kacper Pempel
Basically, the meetings focused on how to either make sure that crypto payments weren’t being done anonymously, and how to try make it harder for ransomware attacks to freeze infrastructure, such as pipelines.

What’s going on with the ransomware attacks?

  • Ransomware is a type of cyberattack whereby hackers essentially hold an organization’s data hostage until that organization pays a ransom. Usually, this is in the form of cryptocurrency.
  • The reason crypto is used, though, is because it’s essentially impossible to track who the money got sent to once the money is sent.
  • Recently, ransomware attacks have been on the rise. According to a recent report by the United States Treasury Department, the US is on pace to nearly double the number of ransomware attacks in 2021 as it saw in 2020.
  • And that number is likely under reported since many companies actually choose not to report getting hit by a ransomware attack out of fear that it send the wrong signal to investors, meaning that the money that gets sent due to ransomware is likely much higher.
  • This can be a massive issue since these ransomware attacks have had some pretty catastrophic effects, such as shutting down pipelines and causing the availability of oil and gas to drop and prices to skyrocket.

What’s the US doing about it?

  • In mid-October, the Biden administration convened an international summit on the subject, with 30 different countries in attendance. 
  • According to Anne Neuberger, the Deputy National Security Advisor for Cyber and Emerging Technologies, the conference was a “counter-ransomware initiative,” that focused on “cryptocurrency, resilience, disruption and diplomacy.”
  • Basically, the meetings focused on how to either make sure that crypto payments weren’t being done anonymously, and how to try make it harder for ransomware attacks to freeze infrastructure, such as pipelines.
  • The summit included some US allies, like Germany, the United Kingdom, Australia, and others, such as Israel, the United Arab Emirates, and Nigeria.
  • Russia, though, was absent.

Why wasn’t Russia there?

  • The Biden team explained that they didn’t want Russia at the table for this first summit, because they thought Russia was going to do everything they could to sabotage any progress from happening.
  • You see, Russia is believed to be the home of the hackers behind several major hacks in recent years, including the Colonial Pipeline hack earlier this year.
  • The US has said Russia has been fairly cooperative. Still, there haven’t been any arrests or anything. From the US’ government’s perspective, the general belief is that you don’t do something like this in Russia without the government knowing about it.
  • Biden administration officials have said that they’d like to see Russia at the table in the future, but that didn’t seem to be the case for this first meeting.
  • The New York Times quoted a senior foreign diplomat that attended the meeting who said that the meeting reminded him of “the early days of counterterrorism."
  • “But in that case, we let the Pakistanis in the room, and treated them like they would be part of the solution,” he said. “No one was willing to do that with Russia.”

What did the groups at the summit decide?

  • Well, not really anything, actually.
  • The summit was conducted mostly in private. But, in the one public portion, it was acknowledged that different governments were likely going to try to solve these problems in different ways.
  • The goal, though, isn’t necessarily to solve the entire problem of ransomware in a two-day conference. Instead, it’s to establish some broader agreements of the problems and possible solutions.

You drive the stories at TMS. DM us which headline you want us to explain, or email us.