Alliance of 40 countries to vow not to pay ransom to cybercriminals, US says

So there&#x27;s that woman I follow who used to work in hostage and ransom negotiation business, and she&#x27;s adamant there&#x27;s no such thing as &quot;no negotiations with terrorists&quot; no matter public rhetoric or legislation. When push comes to shove, side channels and loopholes are inevitably found and third party contractors like her are getting hired.<p>I strongly suspect this too will end up mostly a jurisdiction&#x2F;accounting nuance rather than a substantial change.

&gt;Neuberger told journalists a new “black list” will also be created by the US treasury department to identify and highlight digital wallets being used to deposit and move ransomware payments.<p>&gt;The establishment of these information sharing platforms means that “if one country is attacked, others can quickly be defended”, Neuberger said.<p>pardon the dust whilst I apply my 14th century naval hammer to this clearly 21st century nail.

&quot;She added that the effort will use artificial intelligence to analyze blockchain with a view to identifying illicit funds.&quot;<p>Watch out, people still using last year&#x27;s favourite buzzword, we&#x27;ll sic this year&#x27;s favourite on you.

It&#x27;s about dang time. Years ago I attended a security conference where an FBI guy was actually advising people to pay the ransom. I was shocked.

&gt; The members of the International Counter Ransomware Initiative (CRI)— Australia, Austria, Belgium, Brazil, Bulgaria, Canada, Croatia, Czech Republic, Dominican Republic, Estonia, France, Germany, India, Ireland, Israel, Italy, Japan, Kenya, Lithuania, Mexico, the Netherlands, New Zealand, Nigeria, Norway, Poland, Republic of Korea, Romania, Singapore, South Africa, Spain, Sweden, Switzerland, United Arab Emirates, United Kingdom, United States, and Ukraine, and the European Union..<p><a href="https:&#x2F;&#x2F;www.whitehouse.gov&#x2F;briefing-room&#x2F;statements-releases&#x2F;2022&#x2F;11&#x2F;01&#x2F;international-counter-ransomware-initiative-2022-joint-statement&#x2F;" rel="nofollow noreferrer">https:&#x2F;&#x2F;www.whitehouse.gov&#x2F;briefing-room&#x2F;statements-releases...</a>

&gt; This will see the launch of two new information-sharing platforms for participating countries. One will be created by Lithuania while another will be jointly created and hosted by Israel and the United Arab Emirates.<p>Nice to see smaller countries taking the initiative and also being trusted for projects like this.

Yup.<p>Maybe it&#x27;s also time that companies take cybersecurity more seriously, and maybe not just companies, but governments too.<p>If insurance companies would cover ransomware damage, you can be certain those insurance companies would IMMEDIATELY lobby the government to enforce cyber security standards, audits, pentesting etc.<p>It&#x27;s not happening as long as the NSA is on top of the race of cyberweapons, but once that changes, you can be certain that software is going to be more secure.

The HN title matches the article headline, but the article headline is horribly inaccurate.<p>This is not about making ransom payments illegal, as many commenters have assumed. They are setting up an international information-sharing system to help track cryptocurrency wallets that are receiving ransom payments.

It&#x27;s unclear who in the USG is actually responsible for enforcing this, especially against those organizations that do send payments anyways.

First of all, it&#x27;s not a nation who pays in case of a breach. It&#x27;s some company. Nation as countries do not have anything to do with it, unless they create some laws denying payments. Which would tight control of any businesses in hands of politicians signing off indulgences (exceptions to pay as &quot;too big to fail&quot;).

The reality of where the pay&#x2F;don&#x27;t pay falls down.<p>If your records have been encrypted and taken, you have already taken a reputational hit to sensitive information. If you can recover your operations then you shouldn&#x27;t even think about paying the ransom.<p>However, if your systems have been encrypted AND you can&#x27;t recover them in a reasonable way AND not having your systems is catastrophic to your business continuing then this is where companies consider paying. Hopefully with a renewed understanding of how important it is to have appropriate information security controls in place.<p>The only way not paying ransoms will happen, is if it is made illegal or there are significant penalties as a result of doing so. Otherwise, for some businesses not paying the ransom when their systems are offline is just too risky.

So let&#x27;s imagine a company like Garmin experiences a ransomware attack. Their business is paralyzed. What would stop them from paying the ransom and what could possibly be an alternative to that?

&gt; Partner countries will share a &quot;black list&quot; through the U.S. Department of Treasury that will include information on digital wallets being used to move ransomware payments<p>I don&#x27;t think they realize how easy it is to generate new wallet. Nobody is going to use their home wallet address to demand ransom

I think this needs to be combined with ways to make companies more resistant to ransomware attacks, and more able to restore their computers if an attack does happen.<p>If companies could get back on line within 24 hours, they wouldn&#x27;t pay the ransomware.

Ransomware-ing companies is terrorism. Knocking a hospital computer system offline is equivalent to bombing it and should be treated as such. There should be renditions&#x2F;assassinations as a retaliatory measure.

Good. Paying those criminals is unethical and makes the problem worse for everyone.

If stakes are high enough nations will pay, this is different than enforcing corps not paying. It will be hard to detect at a national level if there was a hack or a payment unless they decide to declassify it

&quot;I have your lottery winnings. Send (amount) to me to process sending you the money.&quot;<p>That&#x27;s a scam, right?<p>&quot;I have encrypted your files. Send (amount) and I&#x27;ll decrypt them for you.&quot;<p>Not a scam?

Sorry for my cynicism but it seems that any cryptocurrency that is able to solve the traceability problem has now one more business opportunity.

Two thoughts:<p>1) There&#x27;s no way to enforce this to private companies in the US without passing some sort of Federal law. I&#x27;m pretty certain no states have passed anything like this either.<p>2) So, we can assume the alliance is government agencies not paying ransomware. For the US, it&#x27;s only the Federal government agreeing to this. If the County Court of Middle of Nowhere Nebraska gets ransomwared. The Feds can put all the pressure they want on them not to pay, but at the end of the day, they can&#x27;t stop them from paying.

A good way to prevent crime is to make it not profitable. Why invest in security when you can just pay the ransom?

This is basically cartel pricing, which is never a stable arrangement.

How is this being reported without a list of the countries?

The submitted URL <a href="https:&#x2F;&#x2F;www.itpro.com&#x2F;security&#x2F;ransomware&#x2F;coalition-of-nations-agree-to-end-ransomware-payments-to-hackers" rel="nofollow noreferrer">https:&#x2F;&#x2F;www.itpro.com&#x2F;security&#x2F;ransomware&#x2F;coalition-of-natio...</a> doesn&#x27;t seem to link to the reporting it&#x27;s drawing on, so I changed it to a reasonable candidate.

They have vast solutions to all online issues contact them through their mail remotespywise @gmil com ‬Their services includes hacking phone,database,record expungements,spy,and private investigator .Their hacking service is completely anonymous and very easy to use. The most interesting thing about this is, it is very fast and comes with lots of features

Of course, because they do have backups. Lol.<p>So far only the central bank of Sambia had a backup and could just ignore the ransom.