[TheRecord] U.S. convenes 30 countries on ransomware threat — without Russia or China

The Biden administration did not invite Russia to participate in the first meeting of a global effort to combat cybercrime, but could welcome the country that has become synonymous with ransomware to future gatherings.

On Wednesday the White House will begin a two-day virtual event with representatives from 30 countries around the world, dubbed the “Counter-Ransomware Initiative.” The forum is meant to strengthen law enforcement cooperation and diplomatic ties against malicious activities, including the misuse of virtual currency to launder ransom payments.

“In this first round of discussions we did not invite the Russians to participate for a host of reasons,” a senior administration official told reporters during a call on Tuesday. “That doesn’t preclude future opportunities for them to participate as we do further sessions.”

The official said there have been “candid and direct” talks within the experts group that was established after President Joe Biden and Russian President Vladimir Putin met earlier this year about what actions Washington expects the Kremlin to take against ransomware gangs operating on its soil.

“We’ve seen some steps by the Russian government and are looking to see follow-up actions,” according to the official, who declined to elaborate. 

A National Security Council spokesperson later told The Record that China — another major U.S. adversary in cyberspace — also was not invited to the assembly.

Earlier this year the administration and Western allies blamed China for a massive breach of Microsoft Exchange email server software and asserted that criminal hackers connected to the country’s government had carried out ransomware attacks. Last week it was reported Biden and Chinese President Xi Jinping had reached an agreement “in principle” to hold a virtual meeting before the end of the year where the topic of cybersecurity could arise.

Ransomware has become a national security threat over the last year following a series of devastating attacks on businesses that operate critical infrastructure, such as the Colonial Pipeline. Biden gave Putin a list of 16 critical infrastructure sectors that are supposed to be off limits to hackers but, after a brief lull, attacks on U.S. targets by organizations known or suspected to be in Russia have ramped up.

Last month a senior FBI official said his agency saw “no indication” Moscow has cracked down on criminal networks within its territory. A week later the Treasury Department imposed sanctions on a cryptocurrency exchange owned by Russian nationals that officials allege helped launder more than $160 million in illicit funds for various ransomware and criminal groups.

The two-day White House event is organized into six sessions, beginning with a public plenary of the gathered representatives, ministers and other officials. Proceedings will then split into four panels, each led by a different country — India on resilience, Australia on disruption of illicit actors and networks, the United Kingdom on virtual currency and Germany on diplomacy — before reconvening Thursday for a final plenary that will summarize the discussions and outline next steps.

The administration official suggested there would be concrete takeaways from the coalition’s meeting but declined to offer any specifics.

The official stressed there would be similar meetings in the future.

“This is not our first international engagement, it won’t be our last,” the official told reporters. The countries that are participating “are not our only valued partners. We look forward to future engagements in collaboration with these and other countries as we expand and accelerate cooperation on this important topic.”

The post U.S. convenes 30 countries on ransomware threat — without Russia or China appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[ZDNet] This malware is reading your email 30 minutes after the first infection

All posts, ZDNet

Qbot is old malware but it’s operators appreciate efficiency. Source: Read More (Latest topics for ZDNet in Security)

Read More

[TheRecord] White House: Arrested Russian hacker was behind Colonial Pipeline attack

A senior Biden administration official on Friday said one of the Russian hackers arrested earlier in the day by that country’s security service is responsible for the ransomware attack that temporarily crippled the Colonial Pipeline last year. “We understand that one of the individuals who was arrested today was responsible for the attack against Colonial […]

Read More

[TheRecord] Microsoft to require admin rights before using Windows Point and Print feature

Microsoft has released today a security update that will change the default behavior of the “Point and Print” feature to mitigate a severe security issue disclosed last month. First added in Windows 2000, the Point and Print feature works by connecting to a print server to download and install necessary print drivers every time a user creates […]

Read More