Nations must better clamp down on money laundering in order to disrupt ransomware gangs’ illicit financial transactions, according to a statement Thursday from 32 countries that participated in two days of White House meetings focused on slowing hackers and digital extortion.
The joint statement also included commitments to other methods of countering ransomware, such as encouraging cyber hygiene practices to the private sector, collaborating across law enforcement and national security agencies and using diplomatic pressure against nations that harbor cybercriminals. The initiative comes after a White House summit that included presentations and intelligence sharing between countries including Australia, Brazil, Bulgaria, Canada, the Czech Republic, Estonia, France and Germany, among others.
The two days of meetings were the latest steps the Biden administration has taken to battle ransomware, a frequent focus of the White House since major attacks this summer on Colonial Pipeline, JBS and Kaseya. However, the meetings excluded Russia, whom Biden has repeatedly singled out for harboring ransomware gangs — including alleged Russia-based operators behind those three attacks.
“The threat of ransomware is complex and global in nature and requires a shared response,” the declaration reads. “A nation’s ability to effectively prevent, detect, mitigate and respond to threats from ransomware will depend, in part, on the capacity, cooperation, and resilience of global partners, the private sector, civil society, and the general public.”
The most concrete recommendations for policy action in the joint statement involved illicit finance.
Ransomware gangs have made particular use of cryptocurrency to enshroud ransom payments, making it harder for investigators to track their criminal activity. An intergovernmental task force based in France sets international policies and standards for combatting money laundering, but the joint statement said nations have fallen short of its goals.
“We acknowledge that uneven global implementation of the standards of the Financial Action Task Force (FATF) to virtual assets and virtual asset service providers (VASPs) creates an environment permissive to jurisdictional arbitrage by malicious actors seeking platforms to move illicit proceeds without being subject to appropriate anti-money laundering (AML) and other obligations,” the statement reads.
Nations also must bolster law enforcement and regulators to battle illicit ransomware finance, the nations agreed. To improve resilience, governments need to work with the private sector to promote key defenses such as multifactor authentication, they said. Law enforcement and national security agencies must share more information, and nations must work in international forums to tout behavior that shuns ransomware.