Finance ministers from the G7 industrialized countries expressed concern on Tuesday over the rise in malicious cyberattacks, especially ransomware attacks, in the midst of the Covid-19 pandemic.
G7 Finance ministers warn of ransomware attacks that have been growing in scale, sophistication, and frequency over the past two years.
The ministers added that some of the most active ransomware gangs are
vulnerable to influence by nation-state actors.
Cyber threats cause significant economic damage and threaten customer protection and data privacy.
Experts are observing a significant increase in the number of Ransomware attacks against hospitals, financial institutions, schools, and other critical infrastructure in G7 countries.
The ongoing COVID-19 pandemic has enlarged our surface of attack giving major opportunities to ransomware attackers. Researchers have observed a surge in COVID-19-related phishing campaign aimed at distributing malware, including ransomware.
“Ransomware attackers demand payments primarily in virtual assets to facilitate money laundering. The payment of ransoms demanded by these criminals can incentivize further malicious cyber activity; benefit malign actors and fund illicit activities; and present a risk of money laundering, terrorist financing, and proliferation financing (ML/TF/PF), and other illicit financial activity.” reads the ransomware Annex to the G7 statement. “In some cases, this activity occurs without victims even achieving a return to normalcy.”
G7 experts pointed out that these attacks often involve payments in crypto-assets, jeopardizing essential functions along with our collective security and prosperity.
The ministers and central bank governors recommend caution in the deployment of cryptocurrencies, and highlight the important role that could play cryptocurrency schemes operated by central banks.
“Ransomware attacks can impose devastating consequences on victims and those that depend on them. Not only can the financial costs be high, but the disruption to critical sectors, including financial services and healthcare, as well as the exposure of confidential information, can cause severe damage.” continues the statement. “The payment of ransom may encourage future ransomware payment demands, especially against the victim or type of victim that has proven profitable in the past”
The G7 confirmed its total commitment in coordinating action to mitigate the ransomware threat.
“The G7 is committed to working with our financial sectors to combat ransomware. The G7 reminds financial institutions that the payment of ransom entails financial activity and as such is subject to AML/CFT laws and regulations.” concludes the statement. “The G7 notes that even companies whose primary business is not financial services, such as a cyber-incident consulting firm, may fall under the obligations for financial institutions if they provide qualifying services, such as money transfers.
“The fact that criminals often demand that ransoms be paid in virtual assets is of particular concern to the G7 and magnifies the need for all countries to effectively and expeditiously implement the FATF’s standards on virtual assets and virtual asset service providers.”
(SecurityAffairs – hacking, K-Electric)