The attention of world leaders to ransomware in a series of high-level meetings highlights how quickly destructive cyberattacks have climbed the political agenda as recent incidents disrupted companies and critical infrastructure in the U.S. and other countries.
President Biden, during a roughly three-hour meeting Wednesday in Geneva, presented Russian President
with a list of critical infrastructure that he said should be off limits to cyberattacks.
The U.S. designates 16 sectors as critical infrastructure, including financial services, communications and agriculture.
“Responsible countries need to take action against criminals who conduct ransomware activities on their territory,” Mr. Biden said after the summit during which the two leaders discussed a range of issues. “This is not just about our self-interest. It’s about a mutual self-interest.”
In a separate news conference after the summit, Mr. Putin said he and Mr. Biden agreed to begin conversations about cybersecurity and reiterated that Russia wasn’t involved in cyber strikes on U.S. organizations, which intelligence officials have said originated in the country.
At the North Atlantic Treaty Organization summit on Monday and the Group of Seven meeting last weekend, leaders committed to upending ransomware networks and holding attackers accountable, in documents published at the end of both summits.
“This is an issue that has been starving for that political attention for a long time,” said Chris Painter, a former senior official in charge of cyber issues at the U.S. State and Justice departments.
Attacks on fuel transporter Colonial Pipeline Co. in the U.S. and Ireland’s public healthcare system in May, as well as a strike this month on
the world’s biggest meat company by sales, made clear how hackers can disrupt businesses, fuel supplies and healthcare services.
Joint statements with the G-7, NATO and European countries is a way for the U.S. to rally its allies and ostracize Russia because so many ransomware groups are based there, said Stefan Soesanto, a senior researcher at the Center for Security Studies at ETH Zurich university.
“Ransomware is now seen as a national security threat and allies want to coordinate their response,” Mr. Soesanto said.
Now that allied countries are discussing the threat of ransomware, they may collaborate on issues such as the stricter regulation of cryptocurrency, the preferred payment method for ransomware hackers, said
former head of the National Cyber Security Centre, the U.K. government’s cybersecurity agency. Transparency rules to improve cryptocurrency’s accountability need to work internationally, he added.
“Given everything else the G-7 had to worry about in the last years, this was never going to get attention,” Mr. Martin said. The focus on ransomware at such high-level meetings will also influence cybersecurity practices if the message from leaders causes companies and government organizations to examine their own plans for dealing with attacks, he added.
Through coordinated statements allied countries can exert more pressure on governments that don’t crack down on cybercriminals in their territory, Mr. Painter said. Plus, international collaboration is necessary to disrupt ransomware groups’ networks, he added, referring to American and European law enforcement authorities’ coordinated dismantling in January of the Emotet computer infrastructure used to launch ransomware.
“This is a global challenge and we cannot do this alone,” Lindy Cameron, current chief executive of the British National Cyber Security Centre, said at an online event Monday by the Royal United Services Institute think tank.
Before the G-7 meeting in Cornwall, England, Mr. Biden met with British Prime Minister
A document published after the meeting referred to the two leaders’ commitment to fighting cyber threats.
Mr. Biden and the leaders of the European Union institutions in a statement after a meeting on Tuesday said they committed “to work together to address the urgent and escalating threat from criminal ransomware networks that pose risks to our citizens and companies.”
Russia, the U.S. and all other U.N. countries in March agreed to respect cyber norms, including a commitment that states shouldn’t knowingly allow cyberattacks that are internationally harmful to be carried out from their territory. The public attention on damaging ransomware attacks has raised alarm among U.N. countries “that cyber issues are very serious and we all have to address state behavior but also cybercrime,” said Heli Tiirmaa-Klaar, Estonia’s ambassador-at-large for cyber diplomacy.
“It’s crucial that governments agree to cooperate on investigating cybercrimes,” she said.
Write to Catherine Stupp at Catherine.Stupp@wsj.com
Copyright ©2020 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8