US, allies seek ways to combat ransomware as online attacks proliferate | American Military News

US, allies seek ways to combat ransomware as online attacks proliferate | American Military News

This article was originally published by Radio Free Europe/Radio Liberty and is reprinted with permission.

The United States is rallying dozens of allies and partners at a two-day virtual conference to discuss ways to combat ransomware as online attacks proliferate, hurting businesses and undermining national security.

Representatives of 30 countries from Europe, the Middle East, Africa, South America, and Asia will join Biden administration officials at the conference on October 13-14 to consider how to disrupt the ransomware ecosystem, including making it harder to use cryptocurrency as a means of payment.

The meeting — whose participants include representatives from Ukraine, Bulgaria, and Romania — will also focus on how to prosecute cybercriminals and how to deal with nation-states that fail to tackle cybergangs operating inside their borders.

The Biden administration has made fighting ransomware a top priority as the number and severity of cases has surged in recent years, impacting a wide array of industries from retail and food to health care and critical infrastructure.

Ransomware payments globally topped $400 million last year, the White House said.

Frank Cilluffo, the director of Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security and a government adviser, told RFE/RL that ransomware has become a transnational issue which requires some transnational solutions.

“We’re going to need to be able to work with like-minded allies to start addressing this challenge in earnest and collectively applying some pressure on countries that are turning a blind eye to some of this,” Cilluffo said. “I’m not sure we’re going to get to the goal on all that (at the conference) but you need to start the conversation.”

In two high-profile cases earlier this year, cybergangs believed to be based in Russia disrupted the operations of a major U.S. pipeline operator as well as a large meat packing company. Moscow has denied allegations of cyberattacks on Western countries.

Representatives from Russia were not invited to the conference, a senior administration official told reporters on October 12, adding that Washington and Moscow recently set up a high-level, bilateral dialogue on cybersecurity.

President Joe Biden and Russian President Vladimir Putin agreed at their June summit in Geneva to relaunch talks about cyberattacks. Biden called on Putin to tackle cybercriminals operating from inside Russia.

The senior official said that the United States has “seen some steps by the Russian government” since the talks began in the summer but declined to say what they were.

The official said the October 13-14 conference would be the first in a series on the topic and did not rule out that Russia could be invited in the future.

The acceptance of cryptocurrencies and the partial anonymity they offer has helped fuel the growth of ransomware.

Herbert Lin, a senior research scholar for cyber policy and security at Stanford University, told RFE/RL that conference participants need to focus on how to interfere with cryptocurrency payments.

Ransomware will become less attractive if cybercriminals can’t turn the cryptocurrency payments into cash, he said.

“The more countries involved in the discussion, the better but in the end you want to have global controls on cryptocurrency redemption,” he said.

The Treasury Department last month imposed sanctions on a cryptocurrency exchangefor the first time as it seeks to crack down on the use of digital currencies in ransomware attacks. The department said about 40 percent of the transactions at Suex, which operates in Russia, involves illicit activities. The new sanctions will block all trades involving Suex and U.S. entities.

Cilluffo also said the conference needs to draw attention to the problem of servers that host malware and black market websites.

Along with cryptocurrencies, such servers are key elements in the ransomware ecosystem and many are located in East European countries.

“The big issue that I’d like to see coming out of this is…putting a little bit of pressure or at least raising of awareness of what these service providers and services are offering,” he said.

This content was originally published here.

Laat een reactie achter

Het e-mailadres wordt niet gepubliceerd.