Tech Envoy Series: Digital Holdup – Countering Ransomware’s Hostile Takeover

From left to right, Jordana Siegel, Cybersecurity and Data Protection Public Policy, AWS; Sonia Jimenez, Senior Counsel, Computer Crime and Intellectual Property Section, U.S. Department of Justice; Violanda Botet, Deputy Executive Secretary, Inter-American Committee against Terrorism (CICTE), Organization of American States; Carlos Alberto Ibarra Espinosa, Third Secretary, Permanent Mission of Panama to the OAS; Abby Daniell, Director, Latin America, Canada, and Caribbean Public Sector, AWS; Megan Stifel, Chief Strategy Officer, Institute of Security and Technology take a picture during a Tech Envoy Series program at Meridian House in Washington, DC on September 7, 2023. Photo by Steven Bobb.

 

WATCH THE RECORDING HERE

September 7, 2023

The relentless surge of attacks has triggered a heightened response from governments and industries worldwide. With each passing year, these malicious assaults inflict increasingly substantial financial losses on organizations, amounting to billions of dollars. As the scope and scale of these attacks expand, the urgency to confront this mounting challenge has never been clearer.

On September 7, Meridian convened Digital Holdup: Countering Ransomware’s Hostile Takeover where we released the joint Amazon Web Services' and Organization of American States’ white paper, Challenges and Strategies: Considerations on Ransomware Attacks in the Americas. This Tech Envoy Series program focused on the rising cost of ransomware attacks, vulnerable sectors, resilience strategies, and tactics to combat ransomware.

With introductory remarks by Meridian CEO Ambassador Stuart Holliday, the program featured the following speakers:

  • Violanda Botet, Deputy Executive Secretary, Inter-American Committee against Terrorism (CICTE), Organization of American States
  • Jeimy J. Cano M., PhD., Professor and International Independent Cybersecurity Consultant, Colombian Association of Systems Engineers (via Zoom)
  • Valerie M. Cofield, Chief Strategy Officer, Cybersecurity & Infrastructure Security Agency
  • Abby Daniell, Director, Latin America, Canada, and Caribbean Public Sector, Amazon Web Services
  • Carlos Alberto Ibarra Espinosa, Third Secretary, Permanent Mission of Panama to the Organization of American States
  • Sonia Jimenez, Senior Counsel, Computer Crime and Intellectual Property Section, U.S. Department of Justice
  • Jordana Siegel, Cybersecurity and Data Protection Public Policy, Amazon Web Services
  • Megan Stifel, Chief Strategy Officer, Institute for Security & Technology

Here are some top takeaways from the program:

1. Ransomware’s climbing costs

With more than $20 billion lost to ransomware attacks in a single year; the costs are staggering. Even more alarming, these amounts are underreported, indicating that the actual costs of ransomware attacks exceed these staggering amounts, underscoring the urgent need for organizations and governments to prioritize cybersecurity. Failure to do so not only results in financial loss and instability while also undermining national security, and disrupting critical systems.

Ransomware attacks have evolved from relatively small-scale disruptions to multi-million-dollar threats, with far-reaching implications for various stakeholders. In June 2021, Costa Rica suffered a significant ransomware attack on its public sector, affecting various government institutions and leading to a multi-million-dollar ransom demand. This incident highlighted the vulnerability of public infrastructure and the escalating financial toll of ransomware on governments.

2. Data worth targeting: the threat to “Target Rich & Resource Poor” sectors

Ransomware poses a particularly acute threat to sectors that have high levels of vulnerability and low levels of protection, such as healthcare, wastewater management, and K-12 education. These industries often grapple with limited budgets and resources dedicated to cybersecurity and safeguard significant amounts of sensitive or personal-identification data making them attractive targets for cybercriminals.

These sectors have “data worth targeting, and it’s not a question of if, it’s a question of when,” says Abby Daniell. She recommends two strategies to effectively mitigate the threat: leveraging automatized security to prevent attacks and having a plan in the case of a ransomware attack.

3. Collaborative defense against borderless threats

Fighting cyber threats is the ultimate team sport, requiring not only interagency cooperation, but also international collaboration. These threats transcend borders, and cybercriminals often operate from jurisdictions that are difficult to reach through conventional legal means. Leaders must come together to share threat intelligence, coordinate responses, and harmonize cybersecurity efforts.

Multinational organizations like the OAS play an important role in information sharing. Carlos Alberto Ibarra Espinosa highlighted how OAS support is crucial for capacity building and developing legal frameworks to manage and mitigate ransomware and other cyber threats. Frameworks like the Budapest Convention on Cybercrime also serve as mechanisms to build relationships and facilitate cooperation across borders.

4. Staying a step ahead: proactive tactics

Being proactive is key to reducing the risks and mitigating the impact of ransomware attacks in an ever-evolving digital landscape. Ransomware attacks have become increasingly sophisticated and devastating. By taking a proactive stance and prioritizing cybersecurity investment, organizations can implement robust protective measures, regularly update their defenses, and educate employees to recognize potential threats before they escalate. Sonia Jimenez emphasized the importance of measures like the creation of a Cyber Security Strategy, and highlighted the example of the national initiative spearheaded by the Office of the National Cyber Director.

There was a consensus that many successful cyberattacks result from a failure to implement basic security recommendations. Cloud services were mentioned as a valuable resource for automating security patching and ensuring rapid responses or otherwise preventing vulnerabilities. The white paper, Challenges and Strategies: Considerations on Ransomware Attacks in the Americas, also outlines several steps to help deter ransomware attacks.

5. Ransomware resilience toolbox

The arsenal of tools available to combat ransomware is evolving, offering new ways to defend against these attacks and mitigate their impact. Artificial intelligence, quantum computing, and upskilling workforces have proved to be effective countermeasures against ransomware.

Trainings like the tabletop activities and simulations conducted by AWS in collaboration with the OAS have helped educate and arm Latin American government officials to prevent and combat ransomware attacks. Speakers also discussed strategies for raising awareness among youth and adolescents about these threats, and collaborations with educational institutions to introduce cybersecurity curriculum. Private-public partnerships can draw on the strengths of the private sector and in return enhance the public sector’s capacity to maintain stronger economic safety and security.

By integrating AI-driven threat detection, quantum-resistant encryption methods, and a cybersecurity-savvy workforce, organizations can significantly enhance their resilience against ransomware attacks.

In an increasingly interconnected world, the consequences of a successful cyberattack can ripple across nations, affecting critical infrastructure, economies, and national security. In many cases, ransomware attacks are only one piece of a larger criminal operation contributing to illicit economies internationally. Read more on the illicit economy and how it ties into cybercrime here: International Dialogues to Fight Illicit Economies | Meridian International Center

Project summary