US-led Initiative to Bar Ransomware Payouts

A coalition of forty nations, led by the United States, pledge to never pay ransom fees demanded by cybercriminals in an effort to curb the global surge of ransomware attacks. By disrupting the financial lifeline of cybercriminals, the International Counter Ransomware Initiative (CRI) aims to curtail the global proliferation of ransomware. As this coalition works to disrupt the ransomware funding model, improved backup recovery systems becomes a strategic means to not only undercut the necessity of paying ransomware demands but also fortify organizational resilience against evolving cyber threats, according to Anne Neuberger, United States Deputy National Security Adviser. 

According to a SonicWall report, the leading cybersecurity concern among 91% of companies is falling victim to a ransomware attack. While the potential repercussions of a ransomware breach can vary from industry to industry, they can have a major impact on business operations and continuity. For instance, in the retail industry, a ransomware breach can lead to substantial losses due to operational disruptions or shutdowns, malfunctioning points of sale, compromised consumer trust and loyalty, and other adverse consequences.

"As long as there is money flowing to ransomware criminals, this is a problem that will continue to grow," says Anne Neuberger, United States Deputy National Security Adviser. A problem that impacted over 72% of companies globally in 2023, according to Statista. This serves to underscore the importance of disrupting the ransomware funding model that helps perpetuate their efficiency and propagation.  

To hamstring cybercriminals’ ransomware strategies, the CRI will establish two information-sharing platforms to identify, flag, and freeze ransomware payment accounts. Through these platforms, partnered countries will also help to compile a comprehensive blacklist of digital wallets being exploited to facilitate ransomware payments, a list that will bemanaged by the United States Department of Treasury. 

Currently, most cybercriminals opt for cryptocurrencies to facilitate ransomware payments, as it enables them to evade identification. However, the CRI is racing to leverage AI-powered tools to scrutinize blockchain transactions and effectively track illicit funds carried out through crypto payments. By targeting the financial backbone of these activities, the CRI aims to dismantle the operational infrastructure of cybercriminals.

 Amid this ongoing battle, backup recovery systems emerge as a potential solution against the surge of ransomware attacks. Although investing in robust backup solutions constitutes a significant financial commitment, it often proves to be more economical when compared to the exorbitant sums demanded by cybercriminals. Furthermore, these systems can also effectively reduce potential downtimes resulting from ransomware attacks and bolster an organization's overall cybersecurity posture.

Ultimately, striking a balance between avoiding ransomware payments and investing in backup recovery systems could significantly deter cybercriminals’ hacking efforts, given that the global average cost of a data breach triggered by a ransomware attack is currently valued at US$4.45 million, according to IBM. Implementing these strategies would deal a substantial blow to the cybercriminal economy, which could help reduce the sophistication of their hacking methods.