The "counter-ransomware" event – with 30 countries participating – addressed the financial systems that make the booming ransomware business profitable, how to disrupt the ransomware ecosystem and ongoing diplomatic efforts.
Ransomware payments reached over $400 million globally in 2020, and topped $81 million in the first quarter of 2021, the White House said, underscoring how alarmingly profitable ransomware has become.
Research coming out next week shows how often a ransom is paid. A whopping 83% of ransomware victims surveyed admitted to paying attackers to get their data restored, according to cybersecurity firm ThycoticCentrify.
"Ransomware is primarily a profit-seeking endeavor, commonly leveraging money laundering networks to move ransomware proceeds," according to a joint statement of the ministers and representatives from the Counter Ransomware Initiative Meeting on Thursday.
Ransomware primarily targets businesses and the best insights for tackling ransomware attacks often come from private sector entities, a senior administration official said in a background press call on Wednesday.
And that’s where the focus needs to be, Bryan Hornung, CEO of cybersecurity firm Xact I.T. Solutions, told FOX Business.
"The quickest bang for your buck will come from the private sector bolstering its cybersecurity investments," Hornung said. "This is the low-hanging fruit … simply because most of the private sector is so far behind"
Russia and North Korea – often cited as countries hosting ransomware actors – did not participate in the event, which the White House also addressed in the call.
"We do look to the Russian government to address ransomware criminal activity coming from actors within Russia," the senior administration official said responding to a question.
Hornung has doubts about the efficacy of diplomacy: "To date, I don’t think these diplomatic efforts have been successful at all."
"It might be plausible that behind closed doors, there is progress happening. Still, Russia has consistently stated that the U.S. has never produced enough evidence to warrant Russian authorities to step in. The only efforts that have worked to date either involved brute force by U.S. law enforcement or working with another country near Russia’s borders," he said.
North Korea is also a constant threat. "We’ve talked about Russia, but North Korea is obviously a big player in ransomware just to support the operations of their government," the administration official said, adding "if Russia is at least nominally …susceptible to various geopolitical pressure as part of the international economic system, North Korea is really, really much less susceptible."