Biden announces 30-nation meeting to tackle ransomware

US government is committed to strengthening cyber security by disrupting ransomware networks, Biden says

The Biden administration plans to hold a meeting with representatives from 30 countries later this month in an effort to deal with the growing threat of ransomware and the abuse of cryptocurrency to launder ransom payments.

The meeting, which will be hosted virtually by the White House national Security Council, will include discussions on supply chain attacks, 5G technology, artificial intelligence and quantum computing.

"This month, the United States will bring together 30 countries to accelerate our cooperation in combatting cybercrime, improving law enforcement collaboration, stemming the illicit use of cryptocurrency, and engaging on these issues diplomatically," Biden said in a statement on Friday.

He added that the US government was committed to strengthening cybersecurity "by disrupting ransomware networks, working to establish and promote clear rules of the road for all nations in cyberspace" and holding accountable those "that threaten our security".

The White House hopes that the new informal group, called the Counter-Ransomware Initiative, will boost their diplomatic efforts by including direct talks with Russia as well as the Group of Seven (G7) countries and the NATO alliance.

In his opening statement at the White House, marking October as 2021 Cybersecurity Awareness Month, Biden said the US was under a constant threat from malicious cyber actors and all Americans need to be cyber smart in order to protect their sensitive data from hackers.

He said that the US has launched a 100‑day action plan to improve cyber security across the electricity sector, which has prompted over 150 utilities serving 90 million committing to bolster their security. The administration is now working to deploy action plans to additional critical infrastructure sectors, including the gas pipelines.

The White House's announcement follows a series of devastating ransomware attacks hitting key US organisations in recent months.

In May, US fuel distributor Colonial Pipeline suffered a massive ransomware attack that crippled fuel delivery in southeastern US states.

The shutdown of Colonial's system sparked panic in the southeastern US, with residents seen lining up at petrol pumps for several hours over fears of fuel shortage. Petrol prices rose as a result of fuel supply disturbance, and some stations also ran out of fuel.

The company is reported to have paid nearly $5 million (about £3.55 million) ransom to DarkSide gang, hours after the company's systems started locking up. After receiving the payment, the ransomware operators provided a decryption tool to the company to restore its disabled computer network.

In June, Brazil-based JBS, the world's largest meat-packer by sales, paid $11 million in ransom after a massive attack targeting its computer systems in the US and Australia. Florida-based IT firm Kaseya suffered a ransomware attack in July, suspected to be the work of the Russia-based REvil.

In his summit with Russian president Vladimir Putin in June, Biden said that he expected Russia to take action against cyber criminals operating within its territory. Biden warned that the US has "significant cyber capability" that could be used in offensive cyber operations in the future unless Russia clamps down on hackers targeting US entities.

"I talked about the proposition that certain critical infrastructure should be off limits to attack, period," Biden told reporters.

The US president added that he gave Putin a list of 16 entities - an apparent reference to 16 sectors, including energy, water systems, telecommunications, healthcare and food, which are defined as critical infrastructure under the US policy.