Cybersecurity experts welcome the alliance’s efforts, considering it a crucial step in combating the ransomware threat.
A US-led alliance of 40 countries is taking aim at the ransomware ecosystem, with a new initiative to disrupt payments, take down infrastructure, and share intelligence.
The initiative was launched two months after the severe MGM ransomware attack and two years subsequent to the Colonial Pipeline ransomware attack, during which the company paid a ransom of 75 Bitcoins (equivalent to $4.4 million at that time) to the DarkSide ransomware group.
The alliance, which was announced on October 31 2023, is a response to the growing threat of ransomware attacks, which have targeted businesses, governments, and individuals around the world. Ransomware attacks involve criminals encrypting a victim’s data and demanding payment to decrypt it.
The alliance’s efforts will also focus on three key areas:
- Disrupting ransomware payments: The alliance will work to disrupt ransomware payments by blacklisting cryptocurrency wallets and accounts used by ransomware gangs. They will also work to develop tools and techniques to track and seize ransomware payments.
- Taking down ransomware infrastructure: The alliance will work to take down ransomware infrastructure, such as servers and command-and-control servers. This will make it more difficult for ransomware gangs to operate.
- Sharing intelligence: The alliance will share intelligence about ransomware gangs and their tactics, techniques, and procedures. This will help them to better understand the threats they face and to develop more effective countermeasures.
In addition to these measures, as reported by Reuters, the alliance is also working to educate the public about the dangers of ransomware and to help organizations improve their cybersecurity posture.
It is worth noting that the alliance’s announcement is entirely contrary to the FBI’s long-standing advice to ransomware victims, which has been to pay the ransom. Nevertheless, cybersecurity experts welcome the alliance’s efforts, considering them a crucial step in combating the ransomware threat.
“Ransomware is a global problem, and it requires a global response,” said Anne Neuberger, deputy national security adviser for cyber and emerging technologies in the Biden administration. “The International Counter Ransomware Initiative is a significant step forward in our efforts to disrupt the ransomware ecosystem and protect our citizens and businesses.”
The alliance’s efforts are a sign that the world is taking the ransomware threat seriously. By working together, the alliance can make it more difficult for ransomware gangs to operate and protect people and businesses around the world.