40 Countries Pledge to Combat Ransomware and Disrupt Cybercriminal Funding Through AI-Driven Blockchain Analysis
A U.S.-led alliance comprising forty countries has committed to signing a pledge that they will never pay ransom to cybercriminals.
The initiative, known as the International Counter Ransomware Initiative, is intended to eliminate the funding mechanism for hackers, Reuters reported, citing a senior White House official.
The move comes as the number of ransomware attacks continues to grow globally, with the United States being the hardest hit, accounting for 46% of such attacks.
Anne Neuberger, U.S. Deputy National Security Adviser in the Biden administration for cyber and emerging technologies, highlighted the significance of addressing the financial aspect of ransomware attacks.
She emphasized that as long as money continues to flow to these criminals, the problem will persist and escalate.
Ransomware attacks involve hackers encrypting an organization’s systems and demanding ransom payments in exchange for unlocking them.
Often, the attackers also steal sensitive data, using it as leverage to extort victims and threaten to leak the information online if payments are not made.
Countries to Fight Ransomware Through Information Sharing and AI
The new initiative aims to disrupt the funding mechanisms of cybercriminals through enhanced information sharing about ransom payment accounts.
Lithuania plans to establish one of the information-sharing platforms, while Israel and the United Arab Emirates will jointly create another.
Partner countries will collaborate by sharing a “black list” via the U.S. Department of Treasury, which would contain information about digital wallets used for ransomware payments.
Notably, artificial intelligence (AI) will also play a pivotal role in this endeavor.
The alliance intends to utilize AI-driven blockchain analysis to identify illicit funds.
By leveraging the power of AI, they aim to track and trace the flow of funds associated with ransomware attacks more effectively.
Ransomware Attacks Prefer Cryptocurrencies
According to blockchain analytics firm Chainalysis, the volume of cryptocurrency payments to ransomware attackers is on track to reach its second-highest annual total on record.
“Most of the groups and strains listed as using XMR are relatively new,” crypto intelligence company CipherTrace said in a report last year.
In total, CipherTrace data revealed that at least 22 ransomware groups, not all of which are currently active, accept only XMR, while another seven accept both BTC and XMR.
The analysts found over 50 groups and strains that use XMR, but the list of those using BTC is well over 1,000.
For instance, cybercriminal hacking group DarkSide, which is probably best known for attacking Colonial Pipeline, accepts payments in both BTC and XMR but charges 10% – 20% more for payments in BTC.
While numerous companies fall victim to ransomware attacks each year, high-profile incidents have recently affected major U.S. organizations such as casino operator MGM Resorts International and cleaning products manufacturer Clorox.
These companies are still grappling with the aftermath and struggling to fully recover from the disruptions caused by the attacks.