The 68 members of the International Counter Ransomware Initiative (CRI)-Albania, Argentina, Australia, Austria, Bahrain, Belgium, Brazil, Bulgaria, Cameroon, Canada, Chad, Colombia, Costa Rica, the Council of Europe, Croatia, the Czech Republic, Denmark, the Dominican Republic, the ECOWAS Commission, Egypt, Estonia, the European Union, Finland, France, Germany, Greece, the Global Forum on Cyber Expertise, Hungary, India, INTERPOL, Ireland, Israel, Italy, Japan, Jordan, Kenya, Lithuania, Mexico, Morocco, the Netherlands, New Zealand, Nigeria, Norway, the Organization of American States, Papua New Guinea, the Philippines, Poland, Portugal, the Republic of Korea, the Republic of Moldova, Romania, Rwanda, Sierra Leone, Singapore, Slovakia, Slovenia, South Africa, Spain, Sri Lanka, Sweden, Switzerland, Ukraine, the United Arab Emirates, the United Kingdom, the United States, Uruguay, Vanuatu, and Vietnam-met in Washington, D.C. from September 30 - October 3, 2024 for the Fourth CRI Gathering. Previously participating members welcomed Argentina, Bahrain, Cameroon, Chad, the Council of Europe, Denmark, the ECOWAS Commission, Finland, the Global Forum on Cyber Expertise, Hungary, Morocco, the Organization of American States, the Philippines, the Republic of Moldova, Slovenia, Sri Lanka, Vanuatu, and Vietnam as new CRI members.
During the Fourth CRI Gathering, members reaffirmed our joint commitment to develop collective resilience to ransomware, support members if they are faced with a ransomware attack, pursue the actors responsible for ransomware attacks and not allow safe haven for these actors to operate within our jurisdictions, counter the use of virtual assets as part of the ransomware business model, partner with the private sector to advise and support CRI members, and forge international partnerships so we are collectively better equipped to counter the scourge of ransomware.
Over the past year, this coalition has grown and continues to build upon the commitments made at the Third CRI Gathering in 2023. The United States launched a new fund for CRI members to strengthen members' cybersecurity capabilities through both rapid assistance in the wake of a cyber attack, as well as targeted support to improve cybersecurity skills, policies, and response procedures.
The Policy Pillar, led by Singapore and the United Kingdom, spearheaded efforts to build resilience against ransomware attacks and leverage the ecosystem to disrupt the ransomware criminal industry. These efforts seek to undercut the business model that underpins the ransomware ecosystem by driving forward work on secure software and labeling, methods to counter the use of virtual assets as part of the ransomware business model, policies to reduce ransom payments, increase and improve reporting, cyber insurance, and a playbook to guide businesses on how to prepare for, deal with, and recover from a ransomware attack. Of note, CRI members and insurance bodies have endorsed guidance to help organizations experiencing a ransomware attack. The guidance underscores the important role cyber insurance can play in helping to build resilience to cyber attacks and highlights actions organizations should explore during an incident. In addition, the Pillar held a table-top-exercise to assist members in identifying gaps in their processes, learning best practices and supporting members develop effective responses to ransomware attacks on the healthcare sector.
The Diplomacy and Capacity Building Pillar, led by Germany and Nigeria, expanded the CRI's partnerships with the addition of 18 new members to the coalition and mapped out the capacity building assets and needs of members. To foster collaboration, forge new partnerships, and recruit new members into the Initiative, CRI members hosted regional events throughout the year.
