- 39 of the world’s biggest countries have come together to fight against ransomware attacks.
- In the new guidelines formed at the 2024 Counter Ransomware Initiative (CRI), victims are encouraged not to give in to the hackers’ demands.
- The guidelines recommend reaching out to security experts and law enforcement authorities and having a contingency plan in place in case of an attack.
Ransomware is an old enemy. However, with the sophistication of technology and the introduction of AI, the potency of such crimes has reached new heights.
So the UK, the US, Singapore, Japan, Australia, and 34 other countries have joined hands with various international cyber insurance bodies to boost resilience against such attacks and extend support to victims.
The new guidelines were decided upon by the participating countries at the 2024 Counter Ransomware Initiative (CRI) summit held in the US.
The guidance advises victims to think twice before giving in to the ransom demand. Paying the ransom doesn’t guarantee that the threat actor will return your data, or that they won’t sell or leak it. If anything, it tells attackers that victims are ready to pay, which will embolden them to commit more such crimes.
So what can the victim do in this case? For starters, everyone needs to be prepared. If an organization is hit by ransomware, it should have some policies or contingency plans already in place. They should also consider reporting the crime to their local law enforcement agency or consulting security experts.
Will This Initiative Help?
In most cases, ransomware attacks are financially motivated. Last year (2023) alone, over $1.1 billion was lost to such attacks. So if you take away the financial incentive, the attacks can be expected to go down.
However, when it comes to actually apprehending and stopping the criminals, international cooperation is crucial. The UK remains at the forefront of this initiative.
‘Cyber criminality does not recognize borders. That is why international cooperation is vital to tackle the shared threat of ransomware attacks. This guidance will hit the wallets of cybercriminals, and ultimately help to protect businesses in the UK and around the world.’ – Dan Jarvis, UK Security Minister
The UK has also brought in three major UK insurance bodies to launch co-sponsored guidance for businesses.
- The Association of British Insurers
- The International Underwriting Association
- The British Insurance Brokers’ Association
Also, the country’s National Crime Agency (along with the USA and Australia) recently sanctioned 16 individuals from the Russian cybercriminal organization Evil Corp.
This organization stole over $300 million from critical infrastructure such as healthcare and government organizations around the world.
This group also has ties with another popular ransomware group called LockBit. The UK’s National Crime Agency infiltrated LockBit earlier this year and found that the group retains the victim’s data even after getting the money. This goes to show that paying the ransom doesn’t remove the danger.
Why Not Completely Ban Ransomware Payments?
If money is the main motivation behind ransomware attacks, why not completely ban giving in to their demands? It’s easier said than done.
Ransomware can completely cripple a company. In this case, the only goal should be to take the least worst way out. If paying the ransom is the only way for a business to stay afloat, then that’s what it should do.
It’s important to reiterate that the new guidelines do not support paying ransom. However, if the alternative is more financial damage or complete bankruptcy, paying up should be allowed.