U.S. Convenes International Summit on Ransomware

The U.S. will convene a summit of more than 30 nations starting Wednesday to discuss methods to combat ransomware. Russia wasn’t invited.

Attendees of the virtual meeting, hosted by the White House’s National Security Council, will discuss international cooperation on issues such as the use of cryptocurrency by hackers, norms for conduct in cyberspace and law-enforcement partnerships, a senior Biden administration official said.

“This event over the next few days is Exhibit A of how we’re working with international partners to disrupt ransomware networks,” the official said.

Participating nations include longtime U.S. allies such as the U.K., Australia, Germany and Israel, as well as Bulgaria, Kenya, Nigeria and the United Arab Emirates. The list underscores “just how pernicious and transnational and global the ransomware threat has been in the different countries from all different parts of the world who will be participating,” the official said.

The U.S. official didn’t give specific reasons for why the Russian government wasn’t invited to this week’s summit but said the country’s absence at this meeting didn’t preclude its involvement in future such meetings. The U.S. has blamed Russian hackers for launching cyberattacks, including a campaign against technology provider SolarWinds Corp. that resulted in corrupted software being sent to nine U.S. agencies and several companies. Moscow has consistently denied involvement in cybercrimes or that it harbors cybercriminals.

The U.S. is continuing to discuss the issue of ransomware with Russia through bilateral channels instead, the official said, adding that Russia has acted on information shared through those discussions to disrupt ransomware operators.

“Clearly, Russia plays a role because of a number of criminal actors who are operating from Russia. And that is the reason that President Biden established, with President Putin, a dedicated channel for us to have very focused and candid discussions,” the official said.

Homeland Security Secretary Alejandro Mayorkas said in September that ransomware attacks in the U.S. have increased by 300% in the past year.

After high-profile attacks on Colonial Pipeline Co. in May, which disrupted East Coast fuel supplies, and meatpacker JBS SA in June, the U.S. government has dedicated significant resources to cybersecurity efforts.

These include a Justice Department task force focused on ransomware, an executive order from President Biden in May and sanctions in September for a Russia-based cryptocurrency exchange the Treasury Department accused of managing payments for cybercriminals.

Cybersecurity experts have long warned that serious efforts to mitigate the impact of ransomware attacks, which disrupted operations at hospitals and other critical infrastructure during the coronavirus pandemic, are unlikely to succeed without Russian involvement.

“I’ve been in cybersecurity for 24 years and I’ve never seen it this bad,” said Tom Kellermann, head of cybersecurity strategy at software company VMware Inc. “I’ve never seen cybercrime cartels this emboldened, this organized, this sophisticated and so punitive in their actions.”

Ransomware attacks are increasing in frequency, victim losses are skyrocketing, and hackers are shifting their targets. WSJ’s Dustin Volz explains why these attacks are on the rise and what the U.S. can do to fight them. Photo illustration: Laura Kammermann

Write to James Rundle at james.rundle@wsj.com

Copyright ©2021 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8