Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Technology

Biden Administration To Convene 30 Countries To Crack Down on Ransomware Threat (cnn.com) 65

The White House will convene a 30-country meeting this month to try to ramp up global efforts to address the threat of ransomware to economic and national security, President Joe Biden said in a statement shared exclusively with CNN. From a report: "Cyber threats affect the lives and livelihoods of American families and businesses," national security adviser Jake Sullivan said in a statement to CNN. Sullivan said the administration would "continue to build on our whole-of-government effort to deter and disrupt cyberattacks." The goal of the alliance will be "to accelerate our cooperation in combatting cybercrime, improving law enforcement collaboration, stemming the illicit use of cryptocurrency, and engaging on these issues diplomatically," Biden is set to announce Friday, according to the statement. The announcement follows a series of ransomware attacks on US critical infrastructure firms in recent months, including one that forced major US fuel supplier Colonial Pipeline to shut down for days.

The first meeting of the multilateral initiative will be held virtually. It's part of a recurring effort to cut off revenue for ransomware groups and figure out ways to prosecute them, according to the White House. In bolstering US cybersecurity, "the Federal government needs the partnership of every American and every American company in these efforts," Biden added. Biden in June urged Russian President Vladimir Putin to crack down on cybercriminals operating from Russian soil, but US officials have been skeptical of Moscow's willingness to do so. After a brief period of quiet from some ransomware groups following the Biden-Putin meeting, hackers have claimed multiple US companies as victims in recent weeks.

This discussion has been archived. No new comments can be posted.

Biden Administration To Convene 30 Countries To Crack Down on Ransomware Threat

Comments Filter:
  • One idea... (Score:4, Insightful)

    by bosef1 ( 208943 ) on Friday October 01, 2021 @02:36PM (#61851803)

    Break the corporate veil and make it a personal felony for a company's CEO if any member of the company pays a ransomware ransom.

    • Kind of like how cracking down on companies that obey Chinese law is working.

    • by BAReFO0t ( 6240524 ) on Friday October 01, 2021 @02:50PM (#61851849)

      Sorry, but that is the view of somebody who watched too many movies.
      In reality, everybody pays ransom and the government *does* negotiate with terrorists.

      Because the alternative is everybody ripping you a new one if the hostages die and the data is lost.
      It might still happen, sure. But you don't wanna be the one they're after.
      And I'd bet money you'd be one of those after them, if you'd lose data.

      Because that's what you effectively seem to argue: "I'm completely OK with losing all my data."

      Professionals usually go a different route: Make sure you catch them when sending them the money.
      E.g. by telling the government of the criminal's country, that they have the choice of tracing that money to a person for them, or risk getting their asses handed to them.

      For the record: This, right now, ... is the ass handing part. :)

      • by mark-t ( 151149 )

        I think the argument is that attacks are less likely to happen in the first place when the victim has to break the law in order to pay the ransom, because there will be even fewer people willing to do it.

        And yes, if one doesn't have a mitigation strategy for recovering their data without paying a ransom, then they damn well *SHOULD* be okay with losing all their data. Anything else is entitlement.

        • if one doesn't have a mitigation strategy for recovering their data without paying a ransom, then they damn well *SHOULD* be okay with losing all their data.

          Yeah that should leave them open to a shareholder/customer lawsuit imo. It's just negligence, we've known that you should have backups for over 50 years now.

      • People who work in IT security - ALL know that these malware authors license out their malware, and the bagmen, money negotiators are other people paid to do that part, who in turn have mules to launder the money upstream. So by catching the money, you only get the little fish. They are also aware bitcoin and the like do NOT cover their footprints. Some were recently caught, so old tricks will not work. For now, it is still legal to pay.
        • Catch most of the little fish and the big fish start to get hungry. Seriously, if the incentives to write good ransomware are weakened enough then the brains of the operation will find something else to do; maybe even something usefulâ¦

    • Upset big corporations? Never.

    • that's not the corporate veil, the corporate veil protects investors/shareholders.

    • We've tried the concept of saying being the victim of the crime makes you a criminal. The whole "if you get hacked, you commited a crime" thing.

      The result of that is that victims keep it quiet.
      Keeping it quiet is helpful to criminals, the attackers.

      So yeah, that concept doesn't work. I suppose it was worth a try, but it didn't end up working.

      More recently we've been going in the opposite direction. Trying to encourage open communication. Requiring disclosure. Shining the light, in other words. That seems t

      • by Anonymous Coward

        The idea is not to "blame the victim". The idea is to escape a prisoner's dilemma by changing the payoff matrix for the people you actually control, thus creating a strong incentive fore solidarity.

        If there's no cost to you from paying a ransom (other than the ransom itself), then you have reason to pay. But that applies to everybody, so the ransomware operators know there's a very good chance that they will in fact get paid.

        However, if nobody is allowed to pay, and that is enforced reasonably effectively,

        • The ransomware criminals are actually the whistleblowers on our sloppy security. They should be paid double.

          Without them, our security would be even worse than it currently is.

          And then watch out if there is ever serious trouble with China over Taiwan. Imagine virtually every if system compromised. No banks, no power, no water, cars stopped on the roads, dam gates opened. Who needs aircraft carriers?

          It should be mandatory to pay ransoms. The more the better. Because CEOs just do a simple calculation,

      • As long as your solution doesnâ(TM)t cost more than $400k/y they will be okay with it.

        These companies need to follow the law and go bankrupt, that is what capitalism demands, not that your board, like that oil pipe company, with the blessings of the White House and assisted by the FBI pay the ransom to a set of terrorists.

        If there is nothing to be paid, the terrorists will stop. If bankruptcy is a threat, then companies will pay attention. But as long as government blesses this sort of crap because the

      • Its not about "blaming the victim" It is about publicly announcing that using Windows and not using Tape Backup are jointly and severally criminal offences..
    • Break the corporate veil and make it a personal felony for a company's CEO if any member of the company pays a ransomware ransom.

      It increases the cost of saving the company from money to money + possible jail time. Still a risk some CEO's will pursue, and weirdly, they may be the more ethical ones.

      Plus, organizations are now much less likely to get the authorities involved since there's a risk of criminal liability.

      The real way to get rid of ransomware is to get rid of the thing that started it, cryptocurrency.

      As long as there's a way to digitally transfer and then easily anonymize an arbitrary amount of money it's going to be very d

      • by ebyrob ( 165903 )

        > The real way to get rid of ransomware is to get rid of the thing that started it, cryptocurrency.

        Um, cause it wasn't bad security that caused the breaches, am I right?

      • The real way to get rid of ransomware is to get rid of the thing that started it, cryptocurrency.
        As long as there's a way to digitally transfer and then easily anonymize an arbitrary amount of money it's going to be very difficult to prevent ransomware.

        Save your breath.

        I've been saying this repeatedly for about 2 years, but the stupids/Russian shills on here conveniently have willful blindness regarding the clear relationship between Ransomware and Cryptocurrency.

        If you want to make something illegal, make Cryptocurrency illegal. Ransomware will all but disappear almost overnight.

        Try it, world. Prove us wrong.

    • Solve the problem (insecure code) rather than rent grabbers. Think of NSO Pegasus spyware, which is capable of remote zero-click surveillance as the seeder and pollinator of mee-too actors. These Hackers simply ride the undocumented and known holes, or sell/license them to NSO or others, especially when they know the US is not keen to block all vulnerabilities, fast. The mates club model is broken, and besides, foreign actors will continue.The uptick in extortion is simply due to patching laziness, and lazy
    • It isn't always about money. Sometimes it is about destruction and disruption, typical for Ukraine to be on the receiving end of this, with many suggesting that Russia agencies were the source.

      One thought was that the intention was to break communication then seize land. Money isn't always the motivation.

      SELinux seems to be a good solution.

  • 30 Countries? (Score:5, Insightful)

    by MachineShedFred ( 621896 ) on Friday October 01, 2021 @03:01PM (#61851889) Journal

    You only need one country - Russia.

    Unless Russia is on board, you could have 100 countries show up and whine about not being able to do shit, and it would amount to the same useless press event. You need to take away the protection that these ransomware asshats enjoy, and only then will you be able to do something about it.

    • Without the Russian hackers our software would have even more sloppy security than it does now.

      When China attacks Taiwan, we would be toast. At least there is now some vague attempt to plug the biggest holes.

    • Re:30 Countries? (Score:4, Insightful)

      by Luckyo ( 1726890 ) on Friday October 01, 2021 @08:15PM (#61852519)

      Ukraine is another that's going to be key, for all the same reasons. Ransomware gangs are overwhelmingly Russian linguistically, but a good portion of them comes out of Ukraine.

    • Oh stop pretending like Russia is the global super villain. All you are doing is inviting insane Americans with unlimited money to start another military industrial cold war that bankrupt entire nations and do nothing. It isn't the Russians. It is the lack of IT fundamentals in America causing American problems. IT staff are extremely low skill and can't maintain Windows systems. Best practices are not followed. Passwords are week, MFA is not rolled out, spam filters are not properly configured, firewalls
      • Stop putting words into my mouth. When did I say that Russia is some super villain? I said they are offering safe harbor to ransomeware asshats through ambivalence, as long as they don't hit Russian interests. Elsewhere, someone also listed Ukraine, which is 100% true. Were they calling Ukraine a "super villain" as well for the same reason?

        You are making the same victim-blaming argument as someone who leaves their keys in the car, and the car gets stolen. Did they make it easier? Sure. But it's still

  • by gregarican ( 694358 ) on Friday October 01, 2021 @03:04PM (#61851899) Homepage

    Ever since last week there have been coordinated DDoS attacks going on against large VoIP service provider. Starting with VoIP.MS and then Bandwidth.Com. The bad actors basically slam the provider's network with upwards of 130 Gbps of traffic, send along ransom requests to stop the attacks, then lather rinse and repeat --> https://www.bleepingcomputer.c... [bleepingcomputer.com]. Seeing how a lot of large companies use these SIP providers --- from Microsoft to Google --- this is a big deal too.

  • by thegreatemu ( 1457577 ) on Friday October 01, 2021 @03:07PM (#61851901)

    Great, so now in addition to the unwinnable and ever-more-expensive war on drugs, we'll have an unwinnable and ever-more-expensive war on ransomware.

  • I'd prefer if Biden ensured the NSA/CIA disclosed vulnerabilities and did not try to create backdoors that are being used for Ransomware attacks.

    This is like the farmer going out and whipping the fields because the horses got out of the stable he left open.

  • You don't need a damn international committee to make your decisions for you. I know that in the Senate nobody wants to take responsibility for decisions, but now you have to. Act like a damn President and lead. Committees are how people avoid having to take responsibility and shirk the burden of leadership.

    Take action to shore up our defenses (not some worthless interagency group), hit Russia and China back when they hit us, and show the rest of the world how it's done.

  • And asking them why ransomware is an almost exclusively Windows issue?

    I mean, is not the elephant in the room the ease with which the dominant desktop OS is used as platform for such attacks?

    That would be the most obvious place to fight it, IMHO.

    • Maybe Windows is not the platform of choice for hackers because it is easily hacked, but because it is the platform of choice for pretty much everyone else. They go after Windows clients... and servers running Linux or some hypervisor, and Linux based NAS boxes and tape storage. Because in a larger organisation you do not just want to attack the clients, that is just the way to get in using exploits combined with some social engineering. Once you are in you will definitely want to attack the servers and
    • And asking them why ransomware is an almost exclusively Windows issue?

      Go take a look.

      VMWare has had a number of vulnerabilities they've had to plug over the past year; hackers were ransoming entire VMs. QNAP had a handful, too. Admittedly, some were as low-tech as putting everything in password protected 7-zip files, but ransomware it is, just the same.

      On the topic of points-of-entry, a number of VPN vendors have had some patches rushed out the door of late; Cisco and Sonicwall readily come to mind.

      I'll be more than happy to agree that Windows has its disproportionately high

  • If they placed a 100% tax on them and required companies to report them to the government, it might help in many ways.
    1. Companies wouldn't silently avoid reporting the ransomware attacks.
    2. The government would make money from it.
    3. These would be more expensive for companies, so they'd be more incentivized to defend them selves properly.
    4. Cyberware insurance wouldn't pay the taxes, so companies wouldn't be able to pass the as much of the expense off to their insurers.
  • Cornpop was a bad dude.

  • All Hail Biden, the great convener. One day, maybe he won't screw something up. Still waiting for that day.

One person's error is another person's data.

Working...