In brief: Ransomware victims are always told not to give criminals any money as there's no guarantee it will secure a decryption key. Now, a US-led alliance of 40 countries is set to sign a pledge never to pay these hackers in the hope of cutting off their funds.
The International Counter Ransomware Initiative has been formed just as ransomware attacks grow across the world, writes Reuters, almost half of which (46%) happen in the United States.
It was only last week that the NCC Group released its latest monthly cyber threat intelligence report showing there were 514 attacks in September, marking a 32% increase compared to the previous month and up 153% compared to a year earlier. The group previously suggested there could be 4,000 successful ransom attacks taking place before the year is out, having already reached 3,500 last month.
Members of the Counter Ransomware Initiative: Australia, Austria, Belgium, Brazil, Bulgaria, Canada, Croatia, Czech Republic, Dominican Republic, Estonia, France, Germany, India, Ireland, Israel, Italy, Japan, Kenya, Lithuania, Mexico, the Netherlands, New Zealand, Nigeria, Norway, Poland, Republic of Korea, Romania, Singapore, South Africa, Spain, Sweden, Switzerland, United Arab Emirates, United Kingdom, United States, and Ukraine, and the European Union
Canalys said in July that crypto payments to ransomware attackers were on track to reach their second-highest annual total this year. Another analyst firm, Statista, said that organizations detected 493.33 million ransomware attack attempts globally last year. The figure could be higher as many companies don't report such incidents.
There have been some big companies hit by ransomware attacks over the last few months, including MGM Resorts International, which operates casinos, and cleaning products maker Clorox. In August, the FBI said it was investigating an incident that impacted the systems of a California-based healthcare provider, leading to emergency rooms across several states being shut down and ambulances being diverted to other hospitals.
By paying the ransom, victims are making ransomware attacks more lucrative for hackers, encouraging them to increase the scope and scale of their attacks.
Anne Neuberger, US deputy national security adviser for cyber and emerging technologies, said, "As long as there is money flowing to ransomware criminals, this is a problem that will continue to grow."
The alliance will create two information-sharing platforms so members can swap information about accounts that receive ransomware payments. One will be created by Lithuania, while the other will be a joint effort between Israel and the UAE.
The countries will share a blacklist via the US Department of Treasury that will include information on digital wallets used to move the ransomware payments. The alliance will also utilize AI to analyze the blockchain in an attempt to identify ransomware funds.