After White House meetings on ransomware, nations issue statement on illicit finance, resilience, law enforcement, diplomacy
Latest in cybersecurity.
Nations must better implement international standards for clamping down on money laundering in order to disrupt ransomware gangs’ illicit finance, according to a joint statement Thursday from 30-plus countries that participated in two days of White House meetings.
The joint statement also included commitments to other methods of countering ransomware, such as encouraging cyber hygiene practices to the private sector, collaborating across law enforcement and national security agencies and using diplomatic pressure against nations that harbor cybercriminals.
“The threat of ransomware is complex and global in nature and requires a shared response,” the joint statement reads. “A nation’s ability to effectively prevent, detect, mitigate and respond to threats from ransomware will depend, in part, on the capacity, cooperation, and resilience of global partners, the private sector, civil society, and the general public.”
The two days of meetings were the latest steps the Biden administration has taken to battle ransomware, a frequent focus of the White House since major ransomware attacks this summer on Colonial Pipeline, JBS and Kaseya. However, the meetings excluded Russia, whom Biden has repeatedly singled out for harboring ransomware gangs — including alleged Russia-based ransomware operators behind those three attacks.
The most concrete recommendations for policy action in the joint statement involved illicit finance.
Ransomware gangs have made particular use of cryptocurrency to enshroud ransom payments, making it harder for investigators to track their criminal activity. An intergovernmental task force based out of France sets international policies and standards for combatting money laundering, but the joint statement said nations have fallen short of its goals.
‘We acknowledge that uneven global implementation of the standards of the Financial Action Task Force (FATF) to virtual assets and virtual asset service providers (VASPs) creates an environment permissive to jurisdictional arbitrage by malicious actors seeking platforms to move illicit proceeds without being subject to appropriate anti-money laundering (AML) and other obligations,” the statement reads.
Nations also must bolster law enforcement and regulators to battle illicit ransomware finance, the nations agreed. To improve resilience, governments need to work with the private sector to promote key defenses such as multifactor authentication, they said. Law enforcement and national security agencies must share more information, and nations must work in international forums to tout behavior that shuns ransomware.
via CyberScoop https://ift.tt/2hq4cKh
October 14, 2021 at 09:28AM