NetworkTigers highlights the 48 countries taking a stand against ransomware attacks.
Ransomware attacks have risen by at least 27% across industries, and 93% of cyber intelligence professionals believe that the threat will continue to rise in both volume and severity in 2024 and beyond. With cybercriminals emboldened to hold valuable files hostage, a new worldwide alliance of 48 countries is determined to change the dynamic by refusing to pay ransom demands.
What is a ransomware attack?
Ransomware attacks occur when cybercriminals gain access to vital data and hold systems hostage, often by encryption, unless specific demands are met. Ransomware actors often demand exorbitant sums, usually in cryptocurrency, and threaten to permanently delete or destroy files unless businesses pay within a short time period.
All ransomware hacks need an attack vector to establish their presence on an endpoint. Some of the most common ways that ransomware spreads include:
- Phishing attacks: Never open suspicious emails or download unexpected email attachments, even from sources you trust.
- Social engineering: Your digital footprint, such as LinkedIn accounts or other social media accounts, can be used to make a phishing or smishing attempt more believable.
- Drive by downloads: Just visiting an infected site can give access to a malware or ransomware hacker.
- Credential compromise: Never reuse passwords, and enable MFA authentication whenever you can.
The global impact of ransomware
Many ransomware attacks cross international borders. According to the 2023 State of Ransomware Report from Malwarebytes Threat Intelligence, four countries experienced just under 2,000 ransomware threats, all within one year. These heavily targeted countries include Germany, the United Kingdom, the United States, and France. The United States bears perhaps the biggest brunt of ransomware efforts, as 43% of ransomware hacks are concentrated towards U.S. organizations. However, France sees dramatically rising rates of cybercrime, with ransomware attacks doubling in France over less than a year.
International action against ransomware hackers
In this landscape of rising threats, international collaboration is vital. The International Counter Ransomware Initiative is an accord between 48 countries, joined by the European Union and Interpol, in the first-ever international agreement to systematically refuse all ransomware payments to cyber criminals.
The 48 countries committed to the International Counter Ransomware Initiative at present are:
- Albania
- Australia
- Austria
- Belgium
- Brazil
- Bulgaria
- Canada
- Colombia
- Costa Rica
- Croatia
- Czech Republic
- Dominican Republic
- Egypt
- Estonia
- France
- Germany
- Greece
- India
- Ireland
- Israel
- Italy
- Japan
- Jordan
- Kenya
- Lithuania
- Mexico
- Netherlands
- New Zealand
- Nigeria
- Norway
- Papua New Guinea
- Poland
- Portugal
- Republic of Korea
- Romania
- Rwanda
- Sierra Leone
- Singapore
- Slovakia
- South Africa
- Spain
- Sweden
- Switzerland
- Ukraine
- United Arab Emirates
- United Kingdom
- United States
- Uruguay
Recent actions by the International Counter Ransomware Initiative (CRI)
According to an official White House statement, November 2023 saw a Washington, D.C. based meeting for representatives of the members of the Counter Ransomware Initiative (CRI). The gathering was focused on three main deliverables that will directly respond to the rising threat of cyber attacks, as well as agreeing to refuse ransom payments when they arise. The three main deliverables are:
Developing capabilities against cybercriminals
Member countries agree to provide mentorship to new CRI countries, such as Israel, to help Jordan strengthen its cyber threat response. A new artificial intelligence campaign against ransomware will also be part of the push to develop capabilities in cyberintelligence.
Sharing information between members
Inter-member reporting of ransomware threats is a vital pillar of the CRI. When countries are targeted, they agree to share information about the threats, including along nationally owned reporting systems like Lithuania’s Malware Information Sharing Project (MISP) and Israel and the UAE’s Crystal Ball initiatives. Australia maintains the CRI’s website, which includes a forum for members to request assistance against ransomware threats.
Fighting back against ransomware
If ransomware hackers attack any member government or lifeline systems, the 48 countries, as well as Interpol and the European Union, are committed to coming to their aid, according to the latest agreement. The U.S. Department of Treasury will maintain a blacklist of blockchain wallets that are shared with all CRI members, and all nations will agree not to pay ransoms when demanded.
Facing the rising cost of ransomware
Ransomware might seem like an extreme or rare threat to your network, but it has become common and exorbitantly expensive. In 2023, businesses paid over $1 billion in ransom payments to cyber criminals, the highest year on record yet. This represents a nearly doubling of the $567 million in ransoms paid out just the previous year. The average ransomware attack cost in 2023 was over $5 million, a 13% increase from 2022.
Ransomware threatens vital industries like shipping, education, and healthcare. In some cases, ransomware attacks on hospitals directly threaten human life by making systems go dark and preventing doctors and nurses from providing care to sick or injured patients.
Ransomware is especially lucrative because cybercriminals can make double the money for each breach. Not every cybercriminal returns full system access even if a business does pay up, and stolen data can be resold on the black market. With the proliferation of online malware kits and cross-platform ransomware, as well as a rise of hackers-for-hire, ransomware has become easier to spread and harder to stop than ever.
Moving forward with the International Counter Ransomware Initiative
Approximately 8% of businesses end up paying ransom demands. Less than half of organizations in the United States report that they have a ransomware contingency plan in place. The U.S. Cybersecurity and Infrastructure Security Agency and the FBI advise all businesses and individuals affected by malware not to pay a ransom. The Counter Ransomware Initiative plans to reach out to the private sector to create a unified front against ransomware hackers. With these actions from the CRI, if you choose to pay, you will soon be on your own in doing so.
Instead of paying up, report ransomware attacks to law enforcement and disconnect your computer from the network as soon as possible if you believe it might be infected. Make backups of critical files and keep them separate from online networks to ensure your business or system can continue functioning in the face of a ransomware hack. By taking these steps, you can stand alongside the CRI and say no to the rising ransomware threat.
About NetworkTigers
NetworkTigers is the leader in the secondary market for Grade A, seller-refurbished networking equipment. Founded in January 1996 as Andover Consulting Group, which built and re-architected data centers for Fortune 500 firms, NetworkTigers provides consulting and network equipment to global governmental agencies, Fortune 2000, and healthcare companies. www.networktigers.com.
