White House’s plan to stop ransomware: block payments

There’s an international effort brewing that aims to neutralize ransomware attackers and prevent them from getting paid.

“We're finalizing the first-ever joint Counter-Ransomware Initiative policy statement, declaring that member governments won’t pay ransoms,” Anne Neuberger, the White House deputy national security adviser for cyber and emerging technologies, told reporters Monday. 

Nearly 50 countries are expected to sign the document during the organization’s annual meeting this week in a move that will also include a “blacklist of wallets” through the U.S. Department of Treasury, which will share data with participating countries on entities that move money for criminally-linked organizations. Countries could then target those service providers and freeze transactions, Neuberger said. 

The plan also includes assistance for Counter Ransomware Initiative members if they’ve had a major incident that disrupts services needed for daily life, such as transportation, water, energy, and communications. 

The international coalition launched in 2021, and recently added Interpol and 13 additional countries to the initiative—which started with 30 countries plus the European Union, Neuberger said.  

“The United States remains the most targeted country, with 46 percent of global cyber attacks being directed towards Americans,” Neuberger said, noting that disruptions ranged from Clorox having product availability problems after it was hit with a cyberattack in August to Minneapolis Public Schools students’ sensitive information being exposed on the darkweb after an attack in February. 

“As long as there's money flowing to ransomware criminals this problem will continue to grow,” she said.

The move comes as major defense contractor Boeing faces allegations that its systems were compromised by Lockbit, a well known cybercrime organization, which claimed it stole sensitive information from the airplane giant, Fox Business reported. When asked how the company plans to respond, a Boeing spokesperson said the company is “assessing this claim.”

The Pentagon, which has dealt with its own cyberattacks, has been working on a strategy specifically for its contractors, to help them identify what needs to be protected and how to respond and recover from intrusions. 

“This is the largest cyber partnership in the world. To learn from each other to deepen our diplomatic partnerships, so that together we can institute and implement a set of cyber norms or rules of the road that we're recognizing across the globe to capture ransomware threats and hold malicious actors accountable,” Neuberger said.