Rawf8 - stock.adobe.com
UK and Singapore to collaborate on supporting ransomware victims
At the fourth Counter Ransomware Initiative Summit in the US, the UK and Singapore have committed to working on new guidance designed to better support victims and undermine cyber criminal business models
The UK and Singapore have committed to lead on developing new policy guidance designed to help support organisations that fall victim to ransomware attacks through the Counter Ransomware Initiative (CRI), at a summit in the US.
A total of 39 countries and global cyber insurance bodies have signed up to endorse the refreshed guidance, which builds on work already carried out by the UK’s National Cyber Security Centre (NCSC) alongside the Association of British Insurers, the British Insurance Brokers’ Association and the International Underwriting Association.
Going forward, organisations will be encouraged to consider their options more carefully instead of making payments to cyber criminals in haste, and spells out to victims in no uncertain terms that paying ransoms for stolen data only emboldens cyber criminals to attack others, and offer no guarantee of data recovery or future security.
It instead encourages victims to report attacks to the authorities, assess the availability of their data backups, and take advice from cyber experts. It also prompts organisations to take action before an attack by having policies, frameworks and communications plans in place.
Security minister Dan Jarvis explained that the guidance was intended to try to undermine cyber criminal business models and disincentivise them from targeting other organisations.
“Cyber criminality does not recognise borders. That is why international co-operation is vital to tackle the shared threat of ransomware attacks,” said Jarvis.
“This guidance will hit the wallets of cyber criminals, and ultimately help to protect businesses in the UK and around the world.”
NCSC director for national resilience Jonathon Ellison added: “Ransomware remains an urgent threat and organisations should act now to boost resilience.
“The endorsement of this best practice guidance by both nations and international cyber insurance bodies represents a powerful push for organisations to upgrade their defences and enhance their cyber readiness,” said Ellison.
“This collective approach, guided by last year’s CRI statement denouncing ransomware and built on guidelines from the NCSC and UK insurance associations earlier this year, reflects a growing global commitment to tackling the ransomware threat,” he added.
Wide-ranging work
Besides the joint UK-Singapore work on undermining cyber criminal business models, the summit also saw the US launch a new fund for CRI members to provide rapid assistance following cyber attacks, and support to improve cyber skills basis and national policy and response procedures.
Elsewhere, Germany and Nigeria are leading on an effort to expand the CRI’s reach with the addition of new members Argentina, Bahrain, Cameroon, Chad, Denmark, Finland, Hungary, Moldova, Morocco, the Philippines, Slovenia, Sri Lanka, Vanuatu and Vietnam, as well as multinational organisations, while Australia and Lithuania are cooperating on building resilience through information sharing, and Canada has established a public-private sector advisory panel to support members.
The summit also hosted its first-ever event exploring the possible use of artificial intelligence in countering ransomware attacks, with use cases under discussion including the use of AI to track threat actors, improve code hygiene to cut down on vulnerabilities, sector-specific scenario planning, and countering disinformation put out by cyber criminals.
Read more about ransomware
- Proposals from legislators in Washington DC could shake up the global ransomware ecosystem and give law enforcement sweeping new powers.
- IBM publishes data on the spiralling costs of cyber attacks and data breaches, while researchers identify what appears to be the largest ransomware payment ever made.
- The London Borough of Hackney has been reprimanded by the ICO over a series of failures that led to a devastating ransomware attack.
