30 countries announce crackdown on ransomware payments

Over 30 countries have pledged to act against ransomware gangs by blocking the cryptocurrency payment channels they use.

A joint statement issued after the virtual Counter-Ransomware Initiative meetings held this week by the White House National Security Council stated the countries “recognize that ransomware is an escalating global security threat with serious economic and security consequences.”

The statement was issued by government ministers and representatives, including those from the US, the EU, UK, Australia, France, Germany, Canada, Japan, Italy, Mexico, and others. Notably absent from the meetings were the countries of Russia and China.

A separate White House fact sheet said ransomware payments reached over $400 million globally in 2020 and topped $81 million in the first quarter of 2021, illustrating the financially driven nature of these activities.

The statement said the 30 governments recognize the need for urgent action, common priorities, and complementary efforts to reduce the risk of ransomware.

“Efforts will include improving network resilience to prevent incidents when possible and respond effectively when incidents do occur; addressing the abuse of financial mechanisms to launder ransom payments or conduct other activities that make ransomware profitable; and disrupting the ransomware ecosystem via law enforcement collaboration to investigate and prosecute ransomware actors, addressing safe havens for ransomware criminals, and continued diplomatic engagement,” the statement read.

The governments said taking action to disrupt the ransomware business model requires concerted efforts to address illicit finance risks posed by all value transfer systems, including virtual assets, the primary instrument criminals use for ransomware payments, and subsequent money laundering.

“We acknowledge that uneven global implementation of the standards of the Financial Action Task Force (FATF) to virtual assets and virtual asset service providers (VASPs) creates an environment permissive to jurisdictional arbitrage by malicious actors seeking platforms to move illicit proceeds without being subject to appropriate anti-money laundering (AML) and other obligations," officials said.

"We are dedicated to enhancing our efforts to disrupt the ransomware business model and associated money-laundering activities, including through ensuring our national AML frameworks effectively identify and mitigate risks associated with VASPs and related activities."

The governments added that they would enhance the capacity of national authorities, to include regulators, financial intelligence units, and law enforcement to “regulate, supervise, investigate, and take action against virtual asset exploitation with appropriate protections for privacy, and recognizing that specific actions may vary based on domestic contexts.”