Representatives from 36 foreign countries and the European Union gathered for a two-day summit hosted by the White House to discuss ransomware threats after digital attacks elevated to a high-profile national security issue after an assault on Colonial Pipeline that boosted digital extortion. Members of the Counter Ransomware Initiative — an intergovernmental partnership the White House formed last October — have been cooperating over the last year to arrest ransomware actors, improve victims’ defenses, trace the digital currencies that fuel extortion payments, and apply pressure to states that fail to address ransomware activity within their borders, Politico reports. However, the U.S. continues “seeing the pace and the sophistication of ransomware attacks increasing faster than our resilience and disruption efforts,” a senior administration official said. The 48-hour D.C. conclave offers members a chance to assess their progress and “redouble” the groups’ efforts, said the official, “because fundamentally, no one country can take [ransomware] on alone.” Initiative members heard from leading U.S. officials, including FBI Director Chris Wray, Deputy Treasury Secretary Wally Adeyamo, Deputy Secretary of State Wendy Sherman, and national security adviser Jake Sullivan. New ambassador at large for cyberspace and digital policy Nate Fick attended.
Russia is not among the members, as it is where many prominent ransomware groups operate. Officials dismissed the idea that the initiative would suffer from the Kremlin's absence. The effort is “less about Russia and more about how we make it harder and riskier for ransomware groups to operate,” one official said. From the private sector, 13 entities offeredthoughts on how the government and industry can work together against digital extortion. From the U.S. that list includes security giants Microsoft, Crowdstrike, Mandiant, and Palo Alto Networks, and nonprofits the Cyber Threat Alliance, the Cybersecurity Coalition, and the Institute for Security & Technology. From the foreign side, Flexxon, SAP, Siemens, Internet 2.0, Tata Consultancy Services, and Telefónica also sat in. The Biden administration is announcing new efforts to jump-start the initiative, including a platform where members would be able to upload, identify and share tips on ransomware payloads they spot within their borders. The administration is also outlining new ways CRI members can apply diplomatic pressure to countries harboring ransomware groups.