The United States joined 39 other countries this week in the International Counter Ransomware Initiative, an effort to stem the flow of ransom payments to cybercriminals. The initiative aims to eliminate criminals’ funding through better information sharing about ransom payment accounts. Member states will develop two information-sharing platforms, one created by Lithuania and another jointly by Israel and the United Arab Emirates. Members of the initiative will share a “black list” through the U.S. Department of Treasury, including information on digital wallets being used to move ransomware payments. Finally (in an interesting coming together of the last two oversized ticket items in technology), the initiative will utilize AI to analyze cryptocurrency blockchains to identify criminal transactions.
While government officials near-unanimously counsel against paying ransoms, organizations caught in a ransomware attack often pay to avoid embarrassment and to lower the cost of incident response and mitigation. However, in the macro, paying ransoms leads to ballooning ransom demands and escalating ransomware activity. This initiative may address these long-term trends.