The head of state of the G7 Group have Russia and other states whose territories from Ransomware gangs operate and develop businesses and state institutions, asked to pursue and prevent the operations of these cybercriminals. This is from the resolution of the G7 states, which was passed to the end of the meeting of the seven head of state in the British Cornwall.
"We call all states to identify and switch off the criminal ransomware networks, which operate within their limits, and to draw these networks for their actions for accounting", It is called point 34 of the resolution of the G7 states. The request obviously aims mainly on Russia. The most recently larger ransomware attacks on Colonial Pipeline and the attack on the meat corporation JBS, which is associated with loose payments in the millions of millions, should have been carried out by Russian territory. In the case of Colonial Pipeline probably from the Ransomware AS-A-Service Group Darkside. The US Department of Justice has therefore demanded due to the severe effects of criminal cyberataps to equate Ransomware attacks with terrorism.
In point 51 of the resolution, the G7 states worked out their interest, "Stable and foreseeable relationships with Russia" want to care. However, Russia had to do so "His destabilizing behavior and his vicious activities" to adjust. Explicitly, the G7 Russia requests those within national borders "to identify, draw states and to account for the ransomware attacks", But also use crypto food to wash away and abuse for other cybercriminality. In the fall of the Errarg of Losegeld at Colonial Pipeline and JBS, the companies had paid Losegeld in Bitcoin. In the case of Colonial Pipeline, the FBI had succeeded in spacing at least part of the crimping money of $ 2.3 million of a total of $ 4.4 million.
Tolerated ransomware bands
The internationally operating Ransomware bands are becoming increasingly becoming a problem and a threat sometimes the critical infrastructure of the attacked states. Obviously, the G7 now wants to work together to involve the criminal machinations. In countries of the Community of Independent States (CIS), to which Armenia, Azerbaijan, Belarus, Georgia, Kazakhstan, Kyrgyzstan, Moldova, Russia, Tajikistan, Turkmenistan, Ukraine, and Uzbekistan, a law enforcement of cybercriminality does hardly take place; Ransomware bands are more or less tolerated.
Prerequisite for this is that you do not start any attacks on companies and facilities of the CIS. Also, the cybercriminals themselves and ensure that their ransomware is not active in these states. This is about ransomware and botnet samples, which with technical measures prevent the malicious software in these states and knows disaster. Users of Ransomware-AS A service often have to clear in a Code of Conduct, not to become tatig in the GUS. The cybercriminals awareness that this happens to their own protection.
The Security Blogger Brian Cancer even reports that it is discussed in the security scene, whether one could not use that for protection against ransomware. Many Ransomware programs contain a kind of virtual reue single, which ensures that the malicious software is not active on Windows systems on which virtual keyboards are installed in Russian and Ukrainian. So it could be banned to set up such a virtual keyboard to ban this danger. However, this supposed protection is controversial because there are quite exceptions and ultimately just bypassing love.