INTERPOL Secretary General Jürgen Stock has called for police agencies worldwide to form a global coalition with industry partners to prevent a potential ransomware pandemic.
Speaking at the INTERPOL High-Level Forum on Ransomware on July 12, Secretary General Stock said that while some solutions existed nationally or bi-laterally, effectively preventing and disrupting ransomware meant adopting the same international collaboration used to fight terrorism, human trafficking or mafia groups such as the ‘Ndrangheta.
The call to scale up collaboration against ransomware was made in the face of its exponential growth in the wider cybercrime ecosystem, with criminals shifting their business model towards providing Ransomware-as-a-Service.
“Despite the severity of their crimes, ransomware criminals are continuously adapting their tactics, operating free of borders and with near impunity,” said Secretary General Stock.
“Much like the pandemic it exploits, ransomware is evolving into different variants, delivering high financial profits to criminals.”
“Ransomware has become too large of a threat for any entity or sector to address alone; the magnitude of this challenge urgently demands united global action which INTERPOL can uniquely facilitate as a neutral and trusted global partner,” added Secretary General Stock.
Research from Chainalysis found that criminals made USD 350 million in 2020 from ransomware payments, representing an increase of 311 per cent in one year. Over the same period, the average ransom payment increased by 171 per cent, according to Palo Alto Networks.
Some 370 participants from public, private and international entities – including the World Economic Forum (WEF), UNODC and national computer emergency response teams – examined ransomware attacks on critical infrastructures worldwide in the past 12 months alone, including on schools, hospitals, food suppliers and a major oil pipeline.
“Ransomware is emerging as the “Wild West” equivalent of digital space where anyone, at any point of time, can become a victim. Curbing ransomware demands collective efforts from all to improve cyber hygiene across sectors, to raise cost and risk to cybercriminals through disruptive efforts and to reduce payoff to the criminals,” said Tal Goldstein, Head of Strategy, Centre for Cybersecurity, WEF.
“The World Economic Forum Partnership, in close collaboration with INTERPOL, has been working to shape global architectures to support such collaboration and explore ways to encourage responsible measures by the leadership of victim organisations.”
With Project Gateway providing a framework which enables INTERPOL to cooperate with private partners and receive threat data directly, participants endorsed four recommendations to create a global leadership framework for action to disrupt and mitigate the impact of ransomware:
- Prevent ransomware by raising awareness, partnerships and information sharing.
- Aim for pre-exploit disruption of ransomware and its ecosystem through global law enforcement actions both reactively and proactively.
- Provide in-event emergency support against ransomware attacks with the use of INTERPOL’s global network and capabilities.
- Ensure post-event support following ransomware attacks to increase resilience, agility and responsiveness.
“Policing needs to harness the insights of the cybersecurity industry, computer emergency response teams and other agencies to identify and disrupt cyber criminals as part of a true coalition, working together to reduce the global impact of cybercrime,” concluded Secretary General Stock.
Under this framework, INTERPOL will also focus on identifying, targeting and disrupting cybercrime threat actors behind ransomware attacks by taking a regional approach for operational coordination with member countries.