G7 (Group of 7) leaders have asked Russia to urgently disrupt ransomware gangs believed to be operating within its borders, following a stream of attacks targeting organizations from critical sectors worldwide.
The G7 member states also expressed their commitment to work together to address the escalating and immediate ransomware threat as a global challenge.
“We call on all states to urgently identify and disrupt ransomware criminal networks operating from within their borders, and hold those networks accountable for their actions,” the G7 leaders (from the UK, USA, Canada, Japan, Germany, France, and Italy, plus the EU) said at the G7 Cornwall Summit.
“In particular, we call on Russia [..] to identify, disrupt, and hold to account those within its borders who conduct ransomware attacks, abuse virtual currency to launder ransoms, and other cybercrime.”
This call to action comes after the White House National Security Council’s chief cybersecurity adviser Anne Neuberger urged business leaders and corporate executives in early June to take ransomware attacks seriously.
White House’s public letter followed several attacks coordinated by ransomware gangs believed to be Russian-based.
In early May, the DarkSide ransomware gang was behind an attack that forced Colonial Pipeline to shut down the largest pipeline in the US and pay a $5 million ransom.
On the last day of May, the world’s largest meat processor JBS was also forced to shut down production after REvil ransomware operators breached and encrypted some of its North American and Australian IT systems.
The White House again declared the United States’ commitment to battle ransomware operations together with the other G7 member states in a statement published over the weekend.
“In just the last few weeks there have been several significant cyber intrusions affecting many G7 and other nations’ critical infrastructure, manufacturing and electronics firms, and hospitals,” the White House said.
“The United States and our G7 partners are committed to working together to urgently address the escalating shared threat from criminal ransomware networks.”
Today, Lindy Cameron, the head of the UK’s National Cyber Security Centre, also addressed this recent wave of ransomware attacks while speaking peaking at the RUSI Annual Security Lecture.
“For the vast majority of UK citizens and businesses, and indeed for the vast majority of critical national infrastructure providers and government service providers, the primary threat is not state actors but cyber criminals, and in particular the threat of ransomware,” Cameron added.
“Reporting really matters – even if you are a victim and it’s too late to limit the damage to your business, it helps us help others. All this not only helps make businesses resilient to ransomware, but to the full range of cyber threats they face, and deters adversaries by increasing the cost of an attack.”