Senior Officials Join the U.S. in an Anti-Ransomware Initiative
Following the White House’s Counter-Ransomware Initiative Event, Many States Agreed to Fight For Crypto Payments Channels Disruption.
Following the last week’s White House National Security Council’s virtual meetings on the Counter-Ransomware Initiative event, senior officials from the U.E. and 31 countries have issued a joint statement where they acknowledged their focus on cryptocurrency payment channels disruption, asserting that their governments will begin to take action in this sense.
What Countries Are Involved in the Anti-ransomware Initiative?
The entities involved are the following, as per the published statement:
We the Ministers and Representatives of Australia, Brazil, Bulgaria, Canada, Czech Republic, the Dominican Republic, Estonia, European Union, France, Germany, India, Ireland, Israel, Italy, Japan, Kenya, Lithuania, Mexico, the Netherlands, New Zealand, Nigeria, Poland, Republic of Korea, Romania, Singapore, South Africa, Sweden, Switzerland, Ukraine, United Arab Emirates, the United Kingdom, and the United States recognize that ransomware is an escalating global security threat with serious economic and security consequences.
The Anti-Ransomware Initiative Following the Crypto Abuse by Hackers
As we know from the fact sheet published last week, approx. $500 million in cryptocurrency is the amount that embodies the total ransomware payments from 2020 and the first quarter of 2021 (in 2020 $400 million and in 2021 Q1 $80 million).
The goal of this anti-ransomware initiative is to stop virtual assets abuse worldwide. This initiative will have an impact on three areas: the ransomware business model, the ransomware groups’ instrument to gather ransoms, and funds laundering (the money these threat actor groups got while they attacked several organizations worldwide). Thus, the initiative follows funding channels disruption:
We acknowledge that uneven global implementation of the standards of the Financial Action Task Force (FATF) to virtual assets and virtual asset service providers (VASPs) creates an environment permissive to jurisdictional arbitrage by malicious actors seeking platforms to move illicit proceeds without being subject to appropriate anti-money laundering (AML) and other obligations. (…) We are dedicated to enhancing our efforts to disrupt the ransomware business model and associated money-laundering activities, including through ensuring our national AML frameworks effectively identify and mitigate risks associated with VASPs and related activities.
The abuse of cryptocurrency by ransomware groups will be mitigated through regulators, financial intelligence units, and law enforcement. These areas will be improved for making possible the regulation, supervision, investigation, and mitigation of virtual assets being exploited. The countries involved in the initiative will make use of their financial infrastructure and institutions to keep ransomware apart from the critical infrastructure of international partners.
We will enhance the capacity of our national authorities, to include regulators, financial intelligence units, and law enforcement to regulate, supervise, investigate, and take action against virtual asset exploitation with appropriate protections for privacy, and recognizing that specific actions may vary based on domestic contexts. We will also seek out ways to cooperate with the virtual asset industry to enhance ransomware-related information sharing. (…) Beyond implementing measures to improve resilience and harden our financial system from exploitation, we must also act to degrade and hold accountable ransomware criminal operators.
Ransomware Disruption Efforts Background
There have been several ransomware disruption efforts as time went by:
- Cryptocurrency exchange sanctions were announced by the U.S. Treasury Department last month that were to be applied for wallets, crypto exchanges and those helping ransomware gangs with their transactions;
- Back in 2019, various Evil Corp members were charged because they performed a theft of over $100 million. They were also included on the OFAC sanctions list. Among the ransomware families associated with Evil Corp, we can mention PayLoadBin, WastedLocker, Phoenix CryptoLocker, or Hades.
- In July this year, a call came from the Interpol addressing industry partners and police agencies to unite against ransomware.