Interpol Calls for New Ransomware Mitigation StrategyThe Agency Will Elevate the Role of National Central Bureaus to Fight Cybercrimes
Interpol announced that it will boost the role of country-specific National Central Bureaus to fight ransomware and other cybercrimes. The announcement from the agency comes in the wake of rising ransomware threats to supply chains and critical infrastructure.
"A global strategy in response to the threat of ransomware is critical - one where we successfully build trust, see effective exchange of data, and maximize rapid operational assistance to law enforcement agencies," Interpol Secretary General Jürgen Stock said during the 16th annual conference for Interpol NCBs held virtually last week.
Among the proposed plans to develop a global strategy for countering ransomware threats are expanding Interpol's secure communications network to assist national police and border control agencies in fighting cybercrime and other security threats. The agency also called for strengthening of regional partnerships to fight cyberthreats globally.
Interpol comprises police networks from 194 member countries, and each of these members hosts an Interpol NCB, which acts as a link between the agency and the law enforcement agencies of each country.
Ransomware stayed at the top of the agenda following the July Fourth weekend Kaseya supply chain attack in which Russia-based hacking group REvil compromised the company's IT management software, VSA. The attackers carried out a series of deceptions to exploit VSA and use it to distribute ransomware to up to 60 of Kaseya's MSP customers. The ransomware was then distributed to up to 1,500 of those MSPs' customers, including grocery chains, schools and restaurants (see: Kaseya: Up to 1,500 Organizations Hit in Ransomware Attack).
Following the high-profile supply chain attack, on Friday, U.S. President Biden urged Russian President Vladimir Putin yet again to take action against malicious entities operating out of the country. Biden added that the U.S. is ready to take "any necessary action to defend its people and its critical infrastructure in the face" of these attacks, according to the official statement posted by the White House (see: Biden Faces Russian Ransomware Curtailment Challenge).
The two leaders had met on June 16 in Geneva to discuss measures to counter ransomware threats. This was following the May ransomware attack on Colonial Pipeline Co. and the REvil attack on meat processor JBS. At the meeting, Biden said 16 sectors of critical infrastructure should be "off-limits" to cyber and other types of attacks.
The U.S. government has initiated several steps to counter the rising sophistication and proliferation of ransomware.
On Wednesday, CISA released its Ransomware Readiness Assessment audit tool to help organizations size up their ability to defend against and recover from attacks (see: CISA Tool Helps Measure Readiness to Thwart Ransomware).
On May 12, the Biden administration issued its cybersecurity executive order, which aims to address ransomware and other threats to the U.S. (see: Biden's Cybersecurity Executive Order: 4 Key Takeaways).
At the Information Security Media Group's Government Cybersecurity Summit to be held July 13, the FBI's Elvis Chan will offer a presentation predicting this will be a busy summer for ransomware investigations, disruptions and takedowns.
"We have many joint investigations with our foreign partners," said Chan, who leads the FBI's cyber division in San Francisco. "Look for this to be a very busy summer for us, with multiple takedowns across different countries."