‘Starve them of oxygen’: S’pore cyber-security chief at global summit on battling ransomware

The participating countries included Australia, France, the United Arab Emirates, Israel and Ukraine. PHOTO: REUTERS

WASHINGTON - Representatives from 36 countries and the European Union met in Washington this week to strategise ways to combat ransomware, including setting up a joint task force in 2023.

The summit, organised by the White House, was devoted to countering malware attacks.

In these situations, corporate or government computer systems are targeted and forced offline until money – often in the form of cryptocurrency – is paid.

“Ransomware is a global challenge that requires global cooperation to produce global solutions,” said United States National Security Adviser Jake Sullivan.

The participating countries included Australia, France, the United Arab Emirates, Israel and Ukraine.

Ms Anne Neuberger, US Deputy National Security Adviser for Cyber and Emerging Technology, said the participants discussed “sharing and coordinating policies on ransom payments”, as well as setting up a joint ransomware task force in the first quarter of 2023.

The experts also discussed ways to “strengthen our diplomatic cooperation to deny safe haven to ransomware actors”, Mr Sullivan said.

Mr David Koh, chief executive of the Cyber Security Agency of Singapore, said: “If we work together, we can starve them of oxygen, we can make the environment more hostile for them, and break their business models.”

This was the second such summit in Washington, after the 2021 meeting took place online due to the pandemic. Also attending this year were representatives of US tech giant Microsoft, Germany’s Siemens, India’s Tata and others, according to US officials.

US Deputy Treasury Secretary Wally Adeyemo told officials: “We may approach the challenge of ransomware with a different lens – and in some cases, an entirely different set of tools – but we are all here because we know that ransomware remains a critical threat to victims across the globe and continues to be profitable for bad actors.”

Ransom software works by encrypting victims’ data, with hackers offering the victim a key in return for cryptocurrency payments that can run as high as millions of dollars.

A US Treasury Department analysis released on Tuesday showed that payment-seeking software made by Russian hackers was used in three-quarters of all ransomware schemes reported to a US financial crime agency in the second half of 2021.

The US Financial Crimes Enforcement Network (FinCEN) said it received 1,489 ransomware-related filings worth nearly US$1.2 billion (S$1.7 billion) in 2021, a 188 per cent jump from 2020.

Out of 793 ransomware incidents reported to FinCEN in the second half of 2021, 75 per cent “had a nexus to Russia, its proxies, or persons acting on its behalf”, the report said.

A US Treasury official on Tuesday said the department in October repelled cyber attacks by a pro-Russian group, preventing disruption – an example he said of the department’s stronger approach to financial system cyber security.

US financial institutions spent nearly US$1.2 billion (S$1.7 billion) on likely ransomware-related payments in 2021, most commonly in response to breaches originating with Russian criminal groups, according to the Treasury Department.

The payments more than doubled from 2020, underscoring the pernicious damage that ransomware continues to wreak on the private sector. FinCEN said its analysis “indicates that ransomware continues to pose a significant threat to US critical infrastructure sectors, businesses and the public”.

Financial institutions filed 1,489 incidents related to ransomware in 2021, up from 487 in 2020, according to data collected under the Bank Secrecy Act. FinCEN’s analysis included extortion amounts, attempted transactions and payments that were unpaid. AFP, REUTERS, BLOOMBERG

Join ST's Telegram channel and get the latest breaking news delivered to you.