DEPUTY SECRETARY VERMA: Well, thank you, Anne. Good afternoon, everybody. It’s always a great pleasure to be here at FSI. And let me thank you in particular for your leadership. You’re the first ever deputy national security advisor for Cyber and Emerging Technology, and you have done an extraordinary job, so thank you. To my friend Nate Fick, also first head of our cyber bureau, we are really lucky to have you come out of private industry, back into government again. Thank you for your leadership. And really thank you to all of you for getting together, for committing time to this critically important topic.
I’ve been in this role as Deputy Secretary for about 20 months or so. I’ve been to over 50 countries. I’ve raised this issue on many occasions with probably many of you in this room. And if we leave here with one message, we have to work together to solve this problem.
Again, back to where you are located today, the Foreign Service Institute, this is where we ensure America’s diplomats are trained and equipped to meet the tests of the 21st century. So again, it’s a fitting place to welcome all of you from around the world – from government, the private sector, academia – to address a challenge earlier generations couldn’t have imagined.
This past May in San Francisco, the Secretary of State unveiled the United States International Cyberspace and Digital Policy Strategy – a comprehensive vision for advancing an innovative, secure, and rights-respecting digital future.
The centerpiece of that strategy was the idea of quote “digital solidarity” – digital solidarity – with likeminded countries supporting each other and working together to shape that affirmative technological future. That includes addressing pressing cyber threats like ransomware.
Last year, there were more than 6,600 ransomware incidents in 117 countries – a 73 percent increase from the previous year – including over 2,800 events in the United States alone. That’s 6,600 times that cyber criminals have sent malicious code to lock someone out of their computers – or threaten to leak sensitive information – until their victims paid up.
To regain access to their systems and data, targeted institutions handed over more than $1 billion just last year. But the impact of ransomware goes beyond the direct and indirect financial cost.
What makes ransomware so devastating is the way that it actually affects our everyday lives – crippling the hospitals where we receive care; exposing financial data and other personal information; disrupting municipal services like fire and police departments.
In short, ransomware is a global threat to security, to public safety, and to economic prosperity, and it requires a global response.
And that was the idea behind the Counter Ransomware Initiative, which the United States and three dozen other countries stood up three years ago. And again, thank you for your leadership on this.
And since 2021, this initiative has grown to include 68 members from every region of the world. Over the past year alone, 18 new members have joined – from Argentina to Cameroon to Moldova.
And again, as I’ve said, I’ve certainly raised this, and the Secretary raises it on almost every stop that he makes. Together, our countries are thwarting ransomware attacks and holding accountable those who perpetrate them.
This past February, American and British law enforcement disrupted the operations of the so-called LockBit ransomware organization.
In July, the United States, the UK, and South Korea indicted a North Korean whose ransomware operations funded cyber espionage and cyber crime. The FBI also seized more than $100,000 in virtual currency generated from these attacks.
Today, the Department of Treasury is sanctioning Russian actors connected to the cyber crime and ransomware group Evil Corp – appropriately named – which has siphoned more than $100 million from financial institutions in over 40 countries.
We’re deepening cooperation between our governments as well – between the public sector, private sector, and academia. Publishing the tactics and digital fingerprints of known ransomware acting – actors, for instance, can help other countries and organizations know what to look out for. So through a task force co-chaired by Australia and Lithuania, as well as the new public-private sector advisory panel Canada launched yesterday, we’re sharing information and best practices. We’re fostering collaboration and making it easier to request assistance when a partner experiences a ransomware incident.
The Counter Ransomware Initiative is also strengthening the capacity of our partners, from a cyber bootcamp hosted by the Organization of American States to the U.S. Justice Department sending experienced prosecutors to train and support law enforcement officials in other countries as they go after malicious cyber actors. One example in particular – and I know Ambassador Fick and I and Anne have all been there, but in Costa Rica, where malicious actors targeted government systems with ransomware in 2022, the United States has committed $25 million to help Costa Rica secure vital government networks, including establishing a virtual security operations center.
And last year, our U.S. Congress, with bipartisan support, authorized the creation of a $50 million fund to support additional efforts to enhance other countries’ cyber infrastructure. This new fund will scale and develop new programs like our recently launched rapid response tool, FALCON, which helps American partners address cyber vulnerabilities within as little as 48 hours. This is what digital solidarity is all about.
We’re also building resilience so that organizations are better prepared for – and so they can bounce back after – attacks: expanding cyber insurance so that losses are covered in the event of a ransomware incident; integrating security features like two-factor authentication into the design of software from the beginning, rather than as an afterthought; and supporting the victims of ransomware as attacks – from ransomware attacks as they recover.
Finally, we continue to promote rules-based behavior, and this is particularly important for all of you as we work to build the architecture here in this critically important space. Every UN member-state has endorsed the Framework for Responsible State Behavior in Cyberspace, committing to combat cyber criminals in their jurisdictions and to refrain from actions that intentionally impair or damage critical infrastructure. No nation should offer safe haven to cyber criminals who target schools and hospitals. And when countries like Russia and North Korea violate these commitments with impunity – tolerating or even encouraging and directing ransomware actors – we must all stand up, call them out, and hold them to account.
Over the past four years, this group has risen to the challenge of combating ransomware. In the coming years, we must sustain and build on these efforts. We must recruit more countries to our cause and encourage our partners to raise their minimum cyber security standards, especially for critical infrastructure like hospitals. We have to become even more proactive in helping countries recover from major ransomware attacks. Ransomware fundamentally seeks to take control away from those it targets. Cyber criminals want to make their victims feel powerless, like they have no choice but to submit to digital extortion.
This Counter Ransomware Initiative – and everyone here today – reminds us that we are not powerless, we are not alone. And by continuing to work together, we can advance a digital future that upholds our values and makes life more secure, more prosperous, and more full of opportunity for everyone.
Thank you for what you are doing. Thank you for your commitment to this topic. I look forward to hearing all of the results that come from these meetings and working with all of you in the months and years ahead. Thank you very much. (Applause.) Official news published at https://www.state.gov/deputy-secretary-for-management-and-resources-richard-r-verma-at-the-fourth-international-counter-ransomware-initiative-summit/