This isn’t just AI policy week—there’s also been an International Counter Ransomware Initiative meeting going on in D.C., and really, it couldn’t be more timely.
Ransomware is a reality that plays out constantly all over the world. Attacks have killed hospital patients, paralyzed gas pipelines, and funded North Korean crypto thefts (which in turn fund weapons development). And it’s getting worse—according to Sophos data from several months ago, two-thirds of organizations got hit by ransomware in the previous year, with three-quarters of attacks resulting in data encryption, and the average mean ransom having doubled year-on-year to $1.54 million. Nearly half of the ransom demands are met.
The latest casualty is Boeing, which yesterday admitted that the notorious LockBit gang had hit its parts and distribution business and was threatening to release sensitive data online today if Boeing didn’t pay up. The ransom demand has disappeared from LockBit’s website, which may indicate some kind of deal—TechCrunch couldn’t get an answer out of Boeing as to whether it had paid anything.
So what can a Washington meeting achieve? The biggest tangible result is a pledge among the 50 participating governments to refuse any ransom payments if targeted. The countries also said they’d set up a shared blacklist of crypto wallets used by ransomware gangs, use AI to spot ransom payments on crypto blockchains, and help each other out in the case of an attack on their governments or “lifeline” sectors, such as water systems and emergency services.
There are two big problems, though. The first is that the governments taking part in the initiative can’t force companies in their countries to also avoid paying ransoms—indeed, with ransomware being such a prevalent phenomenon, it’s practically become a cost of doing business. The second is that the initiative does not include countries such as Russia, China, and North Korea, which is where most of the attacks seem to come from. This means the group’s pledge not to harbor ransomware criminals doesn’t carry as much heft as it ought to.
The promised cooperation and information-sharing should help, though, particularly for smaller countries that don’t have heavily resourced cybercrime agencies of their own. One notable new signup at this year’s shindig was Costa Rica, which last year had to declare a state of emergency after Russia’s Conti gang crippled the government’s computer systems. The Costa Rican government refused to pay the $10 million ransom, with the result that the attack cost the country a reported $125 million in just two days, due to customs systems being down.
With no easy solutions, this battle is going to last a long time. More news below.
David Meyer
Want to send thoughts or suggestions to Data Sheet? Drop a line here.