Can CRI members really avoid paying ransomware ransoms?


  • The International Counter Ransomware Initiative met this week and outlined how its members would combat the growing threat of cybercrime.
  • Among the commitments was a recommendation for CRI members not to pay ransoms.
  • This will be accomplished through training and knowledge sharing among the CRI members.

Ransomware can entirely upend a business, and without proper disaster recovery, a business could be forced to cough up and pay the ransom attackers demand.

This week, 50 members of the International Counter Ransomware Initiative (CRI) met in Washington, D.C., for the third convening of the initiative. South Africa is a member of this group. During this meeting, the group outlined the development of capabilities to disrupt attackers and the infrastructure they use to conduct said attacks.

There are some great suggestions here, such as mentoring and training new CRI members, using artificial intelligence to counter ransomware and even sharing information about attacks between CRI members.

In addition, there was mention of adopting a policy where governments that are members of the CRI declare that they won’t pay ransoms.

“Through the Policy Pillar, CRI members affirmed the importance of strong and aligned messaging discouraging paying ransomware demands and leading by example. CRI members endorsed a statement that relevant institutions under our national government authority should not pay ransomware extortion demands. CRI members intend to implement the Financial Action Task Force (FATF)’s Recommendation 15 on the regulation of virtual assets and related service providers, which would help stem the illicit flow of funds and disrupt the ransomware payment ecosystem,” reads a briefing published by The White House.

This sounds great, but the fact of the matter is that many companies still pay ransoms. In its report The State of Ransomware 2023, Sophos found that 46 percent of the 3 000 IT and cybersecurity leaders surveyed reported that ransomware ransoms were being paid.

While not paying a ransom is regarded as best practice in the cybersecurity space, as we mentioned, if there aren’t proper backups of data, disaster response and…
