White House schedules a global ransomware summit WITHOUT Russia or China – despite saying they are the worst offenders in a global hacking epidemic that has cost $400M
Russia was not invited to attend a 30-country virtual meeting to discuss ransomware on Wednesday, according to a senior Biden administration official.
The country hosts many of the hacker syndicates believed to be behind an epidemic of global attacks that cost $400 million in payments last year but will not be part of a White House-led effort to find new strategies to counter the threat.
‘We are having active discussions with the Russians, but in this particular forum they were not invited to participate,’ said a senior administration official.
Also absent from the list of participants was the world’s second biggest economy, China, which was accused of hacking Microsoft servers earlier this year.
Nations were meeting to discuss ransomware attacks, which use a type of malware that criminals use to encrypt files on a victim’s computer network before demanding a ransom to restore the data.
President Biden’s White House is hosting a virtual ransomware summit on Wednesday but Vladimir Putin’s Russia was not invited to take part. U.S. officials say Russia hosts many of the cybercriminal gangs responsible for an epidemic of ransomware attacks
A ransomware attack on Colonial Pipeline triggered gas shortages and price hikes in the United States. It was traced back to a criminal gang in Russia
GOVT AGENCIES KNOWN TO HAVE BEEN TARGETED IN THE SOLARWINDS ATTACK LINKED TO RUSSIAN INTELLIGENCE
Department of State
Department of Homeland Security
National Institutes of Health
Department of Energy
National Nuclear Security Administration
Los Alamos National Laboratory
Federal Energy Regulatory Commission
Office of Secure Transportation
Biden took power during the SolarWinds attack, a vast cyberespionage campaign, which U.S. officials say was traced to Russian intelligence operatives.
An attack on Colonial Pipeline, which triggered panic buying and gas shortages, was also traced to Russia-based hacker group.
Biden raised the impact of ransomware with Vladimir Putin during their summit in June, when he warned his Russian counterparts that critical infrastructure should be ‘off limits.’
Putin denied that Russia was responsible and instead claimed that most cyberattacks were launched from the U.S.
But a recent report from Microsoft concluded that Russia was behind 58 percent of all state-sponsored hacking in the last year.
It mostly targeted government agencies and think tanks in the U.S., followed by Ukraine, Britain and European NATO members, the company said.
In his opening remarks Jake Sullivan, President Joe Biden’s national security adviser, said a global effort was essential to cracking the problem.
‘You know, we know very well all of us who have gathered here today that we cannot do this alone,’ he said.
‘No one country, no one group can solve this problem.
‘Transnational criminals are most often the perpetrators of ransomware crimes, and they often leverage global infrastructure and money laundering networks across multiple countries, multiple jurisdictions to carry out their attacks.’
Along with the United States, India, Australia, Germany and the United Kingdom will lead discussions on disrupting ransomware attacks and addressing the abuse of virtual currency.
The meeting opened with several dire warnings of the danger and impact of ransomware.
Yigal Unna, director general of Israel’s National Cyber Directorate, said his country was currently in the grip of a ‘major ransomware attack’ against a major hospital.
‘It doesn’t look pretty good for right now,’ he said.
Local media report that hospitals have been put on high alert across the country as a result of the attack against Hillel Yaffe Medical Center in Hadera.
Ransomware payments totaled more than $400 million around the world last year, according to the White House.
But Russia is not the only hotspot.
Earlier this summer, the U.S. formally blamed China for the mass-hacking of Microsoft Exchange servers, as well as using ransomware to extort U.S. businesses.
‘Their operations include criminal activities, such as cyber-enabled extortion, crypto-jacking and theft from victims around the world for financial gain,’ said a senior administration official at the time.
‘In some cases, we’re aware of reports that [People’s Republic of China] government-affiliated cyber operators have conducted ransomware operations against private companies that have included ransom demands of millions of dollars.’