Russia excluded from 30-country meeting to fight ransomware and cyber crime

WASHINGTON - Russia was not invited to attend a 30-country virtual meeting led by the United States that is aimed at combating the growing threat of ransomware and other cyber crime, a senior administration official said.

Many ransomware gangs operate from Ukraine and Russia, private sector cybersecurity experts say. Some US officials and analysts have said Russian ransomware gangs operate with the Kremlin's tacit approval, but are not directly controlled by the government.

The meeting will be held over two days, involve six sessions and include topics such as addressing the misuse of virtual currency to launder ransom payments, prosecuting ransomware criminals, using diplomacy to counter ransomware, and helping nations become more resilient to such attacks, the administration official said.

Along with the United States, India, Australia, Germany and the United Kingdom will lead discussions on topics such as disruption, virtual currency and diplomacy. Others joining the meeting include Canada, France, the United Kingdom, Brazil, Mexico, Japan, Ukraine, Ireland, Israel, South Africa, the European Union.

"We are having active discussions with the Russians, but in this particular forum they were not invited to participate," the senior administration official said, adding this does not preclude Russia from participating in future events.

The official said the United States engages directly with Russia on the issue of ransomware under the US-Kremlin Experts Group, which is led by the White House and has been established by President Joe Biden and Russian President Vladimir Putin.

The official said discussions with Russia are ongoing, the US has shared information on specific criminal actors within Russia and that the country has taken initial steps to address the issues being raised.

Addressing the opening session of the meeting on Wednesday (Oct 13), US National Security Adviser Jake Sullivan said the meeting shows governments of participating countries recognise the urgency of the threat of ransomware.

[[nid:422400]]

"We view international cooperation as foundational to our collective ability to deal with the ransomware ecosystem, to hold criminals and the states that harbour them accountable, and to reduce the threat to our citizens in each of our countries," he said.

President Joe Biden has elevated the response to cybersecurity to the most senior levels of the administration following a set of attacks this year that threatened to destabilise US energy and food supplies.

Hackers caused fuel disruptions in the eastern United States in May when they targeted a pipeline run by Colonial Pipeline.

Sullivan said the US Department of Justice recovered more than US$2 million (S$2.71 million) of ransom paid to criminal actors who attacked the pipeline company.

The Biden administration hopes that their new informal group, which they are calling the Counter-Ransomware Initiative, will bolster their diplomatic push that has included direct talks with Russia as well as the Nato alliance and Group of Seven wealthy nations.