WSJ Pro | Cybersecurity | Cyber Daily: U.S. Convenes International Summit on Ransomware | DOJ as Ransom Hunter.
Cyber Daily: U.S. Convenes International Summit on Ransomware | DOJ as Ransom Hunter
By Kim S. Nash
Hello. The White House is due to kick off today a
virtual meeting of more than 30 nations to strategize about how to
counter ransomware hackers and establish norms for behavior in the cyber
realm, WSJ’s James Rundle and Catherine Lucey report.
Russia wasn’t invited. For now, officials from the U.S. and Russia meet
for separate talks about cybercrime, a Biden official said.
The summit is the latest piece of the U.S. plan to get the upperhand in fighting cybercrime. Another priority is seizing cryptocurrency linked to ransom payments. WSJ’s David Uberti and Maria Armental have some details of the Justice Department’s effort to claw back ransoms.
Read on for more news.
CONTENT FROM OUR SPONSOR: Netscout
New Threats To Our New Normal
Recent years have shown us that the future is
unpredictable, and cybercriminals have capitalized on it. Being prepared
requires developing both short and long-term strategies that put
President Biden is in ‘candid’ discussions with Russian President
Vladimir Putin about disrupting ransomware operators, a Biden
administration official said. PHOTO: STEFANI REYNOLDS/BLOOMBERG NEWS
U.S. will convene a summit of more than 30 nations starting Wednesday
to discuss methods to combat ransomware. Russia wasn’t invited.
Attendees of the virtual meeting, hosted by the White House’s National
Security Council, will discuss international cooperation on issues such
as the use of cryptocurrency by hackers, norms for conduct in cyberspace
and law-enforcement partnerships, a senior Biden administration
“This event over the next few days is Exhibit A of how we’re working
with international partners to disrupt ransomware networks,” the
The U.S. is continuing to discuss ransomware with Russia through
bilateral channels instead, the official said. “Clearly, Russia plays a
role because of a number of criminal actors who are operating from
Russia. And that is the reason that President Biden established, with
President Vladimir Putin, a dedicated channel for us to have very
focused and candid discussions.”
Following the money: Ramping up ransom seizures is key
to a U.S. strategy to slow ransomware attacks, said Leo Tsao, principal
deputy chief of the Justice Department’s money laundering and asset
recovery section. Mr. Tsao, speaking at WSJ’s Risk & Compliance Forum on Tuesday, didn’t offer details on whether the U.S. would focus on ransoms paid by certain firms,
such as critical infrastructure owners, or sums that reached a specific dollar threshold.
In June, the Federal Bureau of Investigation snagged $2.3 million of bitcoins paid by Colonial Pipeline Co. during a May attack that disrupted the East Coast’s largest conduit for fuel for six days.
Yet ransomware groups are adapting their money-laundering strategies,
Mr. Tsao said. That includes using overseas exchanges outside the reach
of U.S. officials and cryptocurrencies designed to obscure transactions
and better shield owners’ anonymity.
The China-U.S. 5G battle has upended what was once a
mundane process of setting technical specifications with the O-RAN
Alliance, an industry consortium founded in 2018 to develop standards to
make cellular equipment interoperable and thus cheaper. (WSJ)
Olympus discloses second attack. Medical equipment company Olympus Corp.
said a cybersecurity incident discovered Sunday has led to disruptions
in operations in the U.S., Canada and Latin America. The Tokyo-based
company is working to restore its systems, it said. Olympus in September
said a cyberattack affected some of its tech systems in Europe, the
Middle East and Africa. (Security Week)
🎧 Listen: The top U.S. cyber agency doesn’t want to
be known as a regulator, enforcing rules and leveling fines. But that’s
the role CISA might have to take to get companies to reveal details
about cyberattacks. Reporter David Uberti talks through the issue in the
latest WSJ Tech News Briefing podcast.
90 days: Federal agencies have 90 days to figure out
how to give the Cybersecurity and Infrastructure Security Agency the
ability to watch activity from devices connected to their technology
systems, according to a memo issued last week by the Office of
Management and Budget. Such visibility is important to a CISA program
for continuous monitoring, to identify cybersecurity problems quickly.
The OMB is following up on parts of an Executive Order on cybersecurity
from President Biden in May. (NextGov)