The United Kingdom and Singapore have taken the lead in creating new policy guidance aimed at supporting organizations impacted by ransomware attacks, as part of the Counter Ransomware Initiative (CRI) announced at a summit in the United States.
A total of 39 nations and global cyber insurance organizations have endorsed this updated guidance, which builds on prior efforts by the UK’s National Cyber Security Centre (NCSC) in collaboration with entities like the Association of British Insurers, the British Insurance Brokers’ Association, and the International Underwriting Association.
Moving forward, organizations will be encouraged to carefully assess their options rather than hastily paying cyber criminals. The guidance clearly conveys that paying ransoms for stolen data only serves to encourage further attacks and does not guarantee data recovery or enhanced security. Instead, victims are urged to report incidents to authorities, evaluate the availability of their data backups, and seek advice from cyber experts. Organizations should also take proactive measures ahead of an attack by implementing appropriate policies, frameworks, and communication plans.
Security Minister Dan Jarvis highlighted that this guidance aims to undermine the financial incentives behind cyber crime and discourage criminals from targeting additional organizations. “Cyber crime knows no borders. Hence, international collaboration is crucial in addressing the shared threat of ransomware,” Jarvis stated. “This guidance will affect the financial resources of cyber criminals and ultimately safeguard businesses in the UK and globally.”
Jonathon Ellison, the NCSC director for national resilience, emphasized the ongoing threat of ransomware and the need for organizations to bolster their resilience. “The endorsement of this best practice guidance by both countries and international cyber insurance bodies represents a strong impetus for organizations to strengthen their defenses and enhance their cyber preparedness,” Ellison noted. “This collaborative approach, rooted in the CRI’s statement against ransomware from last year and reinforced by guidelines from the NCSC and UK insurance associations earlier this year, showcases a growing worldwide commitment to combatting the ransomware threat.”
In addition to the collaborative UK-Singapore initiatives targeting cyber criminal business models, the summit also witnessed the US launching a new fund for CRI members to provide swift assistance following cyber attacks and enhance national policy and response measures while improving cyber skills.
Meanwhile, Germany and Nigeria are leading efforts to expand the CRI by welcoming new members including Argentina, Bahrain, Cameroon, Chad, Denmark, Finland, Hungary, Moldova, Morocco, the Philippines, Slovenia, Sri Lanka, Vanuatu, and Vietnam, alongside multinational organizations. Australia and Lithuania are focusing on resilience through information sharing, while Canada has created a public-private advisory panel to assist its members.
The summit featured its inaugural event discussing the potential of artificial intelligence in combating ransomware, exploring various use cases such as leveraging AI to track threat actors, improving code security to reduce vulnerabilities, sector-specific scenario planning, and countering disinformation propagated by cyber criminals.