US-led coalition of nations agrees to end ransomware payments to hackers

Ransomware mockup of a red neon motherboard with a floating triangular warning sign denoting danger
(Image credit: Getty Images)

A coalition of nations has agreed to never pay ransoms to hackers as part of a US-led initiative to tackle global cyber crime.

40 countries in total have pledged their support for the International Counter Ransomware Initiative (CRI), which aims to stem the flow of funding to sophisticated ransomware gangs

The CRI initiative first launched in 2021, with 30 members - including the European Union - pledging support for the scheme.

However, White House officials said the expansion comes amidst a period of heightened ransomware threats for organizations and governments globally. 

Anne Neuberger, US deputy national security adviser told journalists the US is the most-targeted nation worldwide at present, accounting for nearly half (46%) of all ransomware attacks. 

“As long as there is money flowing to ransomware criminals, this is a problem that will continue to grow,” Neuberger said in a press briefing. 

Hitting ransomware gangs' pockets

As part of the initiative, the alliance aims to cut the flow of funding to cyber criminals by improving data sharing between nations on ransom payment accounts, officials said.  

This will see the launch of two new information-sharing platforms for participating countries. One will be created by Lithuania while another will be jointly created and hosted by Israel and the United Arab Emirates. 

Neuberger told journalists a new “black list” will also be created by the US treasury department to identify and highlight digital wallets being used to deposit and move ransomware payments. 

The establishment of these information sharing platforms means that “if one country is attacked, others can quickly be defended”, Neuberger said. 

“Ransomware is an issue that knows no borders, it crosses borders,” she said. “You have attackers in a set of countries using infrastructure in another set of countries targeting victims, hospitals, and companies and governments around the world.”

Growing ransomware threats

Ransomware attacks have surged across 2023, according to recent analysis from ThreatLabz. Over the course of the year, the number of attacks has increased by 37%, with the average enterprise ransom payment now exceeding $100,000. 

The average demand from cyber criminals in the wake of an attack also now stands at $5.3 million, research shows. 


Whitepaper from BT on how to embed a cybersecurity culture, with image of a businessman looking out of an office in a high-rise building

(Image credit: BT)

Establish a culture of cyber security awareness within your company


US authorities, businesses, and public services have faced an onslaught of attacks in recent years. Several high-profile attacks so far this year have wrought havoc for victims. 

In September, MGM Resorts was severely disrupted by a suspected ransomware attack that shut down systems at the firm’s Las Vegas hotels.  

The hotel group said this month it expects the disruption will cost up to $100 million. 

September also saw a devastating attack against cleaning product firm, Clorox, which the firm said resulted in “widescale disruption” of its operations. 

Ross Kelly
News and Analysis Editor

Ross Kelly is ITPro's News & Analysis Editor, responsible for leading the brand's news output and in-depth reporting on the latest stories from across the business technology landscape. Ross was previously a Staff Writer, during which time he developed a keen interest in cyber security, business leadership, and emerging technologies.

He graduated from Edinburgh Napier University in 2016 with a BA (Hons) in Journalism, and joined ITPro in 2022 after four years working in technology conference research.

For news pitches, you can contact Ross at, or on Twitter and LinkedIn.