The White House kicked off a virtual series of meetings Wednesday focused on fighting back against a barrage of ransomware attacks with representatives from over 30 countries.
While many criminal hackers are suspected to live and work in adversarial nations like Russia and China, those countries were left off the guest list. For this summit, one of many planned gatherings, the U.S. included “like-minded nations,” said National Security Advisor Jake Sullivan during the opening session — or as he put it — nations that “recognize the urgency of the ransomware threat.”
The summit includes an open plenary session and six additional private panels, led by the U.S., Britain, Australia, Germany, and India. Other attendees include Eastern European nations such as Ukraine, Estonia, and Romania, Middle Eastern partners like the United Arab Emirates, Latin American allies like Brazil, and many others.
Speaking in the opening session, several international representatives agreed with a now common refrain from U.S. national security officials: that ransomware has become a national security threat.
Gen. Karel Řehka, the director for the National Office for Cyber and Information Security in the Czech Republic, described ransomware attacks that had impacted local critical infrastructure.
“It can no longer be regarded as a criminal activity only,” he concluded.
Andres Sutt, the Estonian Minister of Entrepreneurship and Information Technology, suggested the group of countries establish clear benchmarks for expected spending on cybersecurity, akin to NATO commitments to defense spending.
Yigal Unna, the director of Israel’s National Cyber Directorate, revealed that Israel was in the middle of dealing with a massive ransomware attack on a major hospital.
Bringing together countries to pool resources
In an interview with NPR, Anne Neuberger, deputy national security advisor for cyber and emerging tech, discussed the purpose of the summit.
“We wanted to focus on bringing together the countries who were part of the fight against ransomware who each had a role to play,” Neuberger said. “Whether it’s disrupting ransomware actors, disrupting the financial ecosystem, building resilience, or building capacity.”
Neuberger said it was important to include such a broad swathe of countries because “ransomware is a really good example of a transnational threat.”
The White House has put public pressure on Russian officials for allowing ransomware operators to work within their borders.
Neuberger told NPR that the White House has had “candid” conversations with senior officials in the Kremlin, and has seen “some steps” taken to address U.S. concerns. But she added, “we’re looking to see follow-up actions.”
Several of the participants have experience confronting cybercrime within their own borders, including Ukraine, where the FBI and international law enforcement recently arrested two members of a ransomware gang, seizing $375,000 in cash.
While Neuberger declined to comment on future law enforcement collaborations, she told NPR that “these are exactly the kind of efforts we have in mind.” She said that one of the international panels would focus on “disruption.”
On China, Neuberger said the White House is “looking for constructive areas to engage,” but the administration remains “concerned about Chinese cyber activity.”
China has been linked to many cyber breaches, including one known as the Hafnium cyberattack, a massive email server attack involving Microsoft Exchange. Neuberger pointed out that the Biden administration has publicly noted that “China harbors a broader ecosystem that includes some ransomware actors.”