International Counter Ransomware Initiative Summit

By | November 2, 2022

The White House


Thank you all again for the really good And productive discussions over these Two days we are at the final portion of The agenda which I will begin and Jake Sullivan our national security advisor Will conclude so I welcome every country In the counter ransomware initiative to Give their National closing remarks one Housekeeping note we’re limited to three Minutes of remarks and I’ll call on each Member in order and thank you as well as We make this note not only for your Remarks but for the Deep partnership and Coordination that has gone on throughout The last year as well as in these two Days on our very productive discussions So with that let me Begin by turning it Over to Australia Well thank you and and can I just uh Restate some of the comments made Yesterday about your leadership that of Your staff that are the National Security Council and the broader Biden Administration it’s been your vision and Drive that’s got got us to this point And we’ve got a wonderful platform with Which to go forward Um and to my fellow CRI members uh Colleagues especially in the disruption Working group at Moore generally thank You for your tireless efforts in recent Months as we’ve built to this in-person Summit it’s just so wonderful to Actually be able to meet in person uh

We’ve stated it so many times that I’ll Just state it summarily we’re in this Together it’s a borderless threat so Therefore it needs a borderless response We need to respect the fact that we have Different legal authorities and Capacities and I think we’ve worked Through those issues very well and I got And got to a good equilibrium that Balances the need to have a an Aggressive borderless response but one That respects the equities of national Jurisdictions ransomware and as we’ve Heard from our industry colleagues which Is evolving over time into Data Extortion and no doubt it will keep Evolving into other forms of pathologies Are not just simply criminal acts they Are operating now to scale on a Sophistication that’s also a national Security Challenge and that’s been Highlighted a number of times including By our colleague from Ukraine and Elsewhere at the security of our Population is indeed at risk if that Population does not have secure access To health care to telecommunications to Energy and so many other essential Services of life and so therefore we Need to tackle this problem both as a Criminal challenge as it is but also as A national security Challenge and one Which one in which partnership is so Central to success I’m just so simply

Delighted that we’ve got to a great Position of balancing the different Time Horizons and the different equities And different complexities especially as We now evolve the CRI into its very Clearly demarcated and enduring streams One of which particularly will focus on Solving will addressing and certainly Hopefully hopefully solving complex Policy challenges on an agile Project-based approach which which we Certainly support whilst practitioners Who are ready to to operate with clear Legal authorities at an unclassified Level that will facilitate rapid Information sharing at scale will come Together through the task force and Thank you to all the colleagues Who Provided such uh thoughtful wise Commentary and feedback yesterday it Really helped to evolve our thinking About the task force the task force will Come together rapidly as we refine the Terms of reference and scope over November I’m determined that it’ll be Open for business on one January with a Coordination unit that will both assist In working in partnership with our Private uh Partners to both scale up our Defense and also to scale up our Disruption and as I said in the earlier Session we need to get to a point where It’s not just defense and security by Design but it’s disruption by Design and

To you personally thank you for your Leadership and I’d pass back to you Thank you very much we’ll turn it over To Austria I felt my mistakes Um in the last two days 37 countries Came together to discuss solutions for One of the biggest threats that we are Facing in our digital time and that is a Threat of friends somewhere Um first of all I would like to express My deepest gratitude to the National Security Council and foremost to un Um for giving the fight against Ransomware abroad and Global platform That at least that was my feeling was Deeply needed Um and it’s also a way to Professionalize the fight against Ransomware on an international level The ransomware threat we’re facing Nowadays and I think we all agree on That cannot be solved by one single law Enforcement or intelligent agency alone Um It’s not only a whole of government Approach that is needed but also that is Not enough A whole of society approach delivers a Deeply needed piece to solve the global Ransomware puzzle which also needs to Include a predefined interfaces and Cooperation with the private sector Another important step to solve the

Global ransomware’s threat in my opinion And in the opinion of Austria is the Consistent information sharing we saw a Very interesting example for that with The pilot that was presented by the UE And Israel thank you once again for for The effort you put in that it shows a Visionary example for how a cross-border Operational solution could look like That delivers a concrete and very Positive outcome The second counter ransomware uh Initiative Summit successfully defined a Comprehensive scoping of the most urgent Problems that were outlined in the five Working groups and The hope is that it will set the stage For next concrete steps to secure Critical infrastructure infrastructure Businesses and governments in cyberspace Thank you very much Thank you very much burned we’ll turn it Over please to Belgium And the quality of the debates the Variety of anger discussed as well as The concrete actions identified during These two days Show how valuable this forum is and we Thank the United States for having Hosting it Um cyber crime crime is a tremendous Challenge to our societies there is Simply no alternative to close International cooperation to fight this

Malicious threats so we welcome in Particular the positioning of the Controversome initiative within the Framework of international law Different countries around the world are Currently challenging the established Individual rights and international Principle principles based on the Argument that cyberspace is a different Domain on the contrary defending in Existing international law has to happen In international fora like the United Nations negotiations on cyber crime or The oew G or dge processes but also by Showing concrete results that it is Possible to uphold this right and Principle when combating ransomware New initiatives seldom emerge in a Vacuum the CRI Finds Its place in a Growing field of actions in different Forum and will hopefully be able to Offer a new Boost to multilateral Efforts in this regard we see particular Value in the following fields Promotion of public private partnership As discussed at length during our Sessions and in this regard it is also Important to take in accounts existing Processes Such as the oec confidence building Measures on icts And secondly focus on disruptive measure Should go hand in end with our cyber Capacity building efforts

Especially in those regions of the world Where public institutions need Supportive tools and framework to Discourage cyber criminals such capacity Building efforts are a shared interest For donors and recipients countries the European Union including Belgium is Increasingly attentive to this aspect in Its development programs Stakeholders like the global firm for Cyber expertise could also be engaged For closer cooperation as they built They built up already a lot of know-how Over the years At a national level Belgium Belgium’s ambition aims at being One of Europe’s least vulnerable Countries in the Cyber domain by 2225. Our national Authority for cyber Security CCB Focus its efforts on all Layers of society to resist cyber Attacks and cyber crime with the aim to Strengthen National resilience To achieve this or Central uses the Active cyber protection approach which Includes a spare warning approach and a Ransomware pre-ordered as well Over the last few months we have been Able to warn numerous private entities And citizens about imminent ransomware Threats In this context one of our biggest Successes is our beef fish project which Fights against fishing the biggest

Attack Vector for ransomware as an Example we received in 2021 4.5 million emails from which we Were able to block 1.5 malicious links Active cyber protection represents a Crucial a crucial in Improvement in the Protection of our citizens and Organizations against quickly evolving Cyber threats and is our tool to counter Ransomware and increase our resilience CRI is offering the opportunity to Belgium to exchange on these best Practices So from now on now on we will be glad to Take an active part to the debates And the work of the different groups Within the city arrive and we look Forward to a further cooperation within The counter-ransom task force Contributing to keeping cyberspace free Open safe and secure thank you Thank you we’re very glad we welcomed Belgium Brazil Thank you madam chair dear colleagues I Would like first to thank the U.S Government for hosting this meeting As many other countries Brazil has been Dealing with ransomware attacks which Are increasing in number and Sophistication ransomware has become More complex and diverse as criminal Groups themselves are developing Operating system-based tools customized For the victim in a market of ransomware

As a service raas has been growing and Making ransomware attacks more Widespread Brazil has been working hard to face These challenges and effectively counter Ransomware bringing its perpetrators to Justice as an example after months of Thorough investigation the Brazilian Federal police has very recently Arrested a Brazilian national accused of Being part of the lapses group Responsible for ransomware attacks Against Targets in Brazil and in several Other countries Being able to work effectively with Digital evidence is a vital part of Countering cyber crime in general and Ransomware in particular In Brazil the Civil framework for the International acts is based on the Concept of service offered or provided In our national territory the ACT Determines that Brazilian law must be Applied in the collection storage and Processing of data when one of the Computers terminals is located in Brazilian territory this framework Allows authorities to have direct access To electronic evidence and data Collected from Services provided in the Country A more cohesive framework of International cooperation and Distribution of jurisdiction

Is a necessary step forward in Persecuting ransomware it is with this Objective the Brazil is fully engaged in The negotiation in the United Nations of A multilateral comprehensive convention On countering the use of information and Communication Technologies for criminal Purposes We consider it a great opportunity to Establish common standards for police And intelligent cooperation in tackling Cyber crime building on the International and Regional instruments That already exists From the Brazilian point of view the Current negotiations taking place at the U.N have a lot to gain from the Accumulated expertise of several International forah and initiatives by Focusing its efforts on exchanging Technical expertise and cooperation to Promote appropriate criminal justice Tools to fight ransomware the counter Ransomware initiative can be one of These tools Brazil also believes that if CRI wants to strengthen the Participation especially of the global South as mentioned during the Discussions on the outcomes and next Steps for the diplomacy working group The leadership of the CRI should take Closer consideration to the concerns and Inputs from all participant countries While negotiating outcome documents

With a more inclusive negotiation Environment Brazil believes that the CRI Will have the potential to attract more Partners from all over the world in Order to fight ransomware thank you Madam chair Thank you to Brazil Bulgaria Thank you madam chair dear colleagues First of all I wish to thank U.S for Inviting Bulgaria On the table here with you and Discussing all these issue about counter On the ransomware on behalf of the cyber Crime unit the Bulgarian cyber crime Unit probably many of you are familiar With Uh I wish to express again our thanks That we were here and we want to say That we are active International partner In the fight against the Ransomware what the cyber crime unit is Trying to do is first of all building Their capacity we are trying to increase Uh the level of knowledge during our Employees and our colleagues and also Trying to bring more uh More people and more Enterprises in the in the fight against The the ransomware probably you know but In the cyber crime unit there is 24 7 Contact point for a retention of data This is what the cyber crime unit is Trying to keep is to keep fast as we Hear during the last session with the

Private companies this is one of the Biggest issue that we recognize Sometimes we have to to admit that we Are a little bit uh after The The Perpetrators and especially what is Happening in that really quick Environment so we’re trying to be as Fast as possible and to cooperate with All other countries and institutions Recently and also see as a development Of the country is changing of the uh Changing the criminal court of Bulgaria Where we have a little bit higher uh Penalties for cyber crimes and this is What we achieve as a country to show and Present to the publicity that we Recognize this as a huge problem and we Will fight with this in the future With all other partners We stay open and we will be in the Future Involved in any kind of international Cooperation with all other countries And we hope that those CR meetings we’ll continue in the future And we will join them for sure thanks a Lot Thank you Bulgaria Canada Thank you very much so on behalf of Canada I would like to thank the United States for hosting us and for your Leadership and accelerating the

Cooperation to counterpan ransomware Through the CRI particularly thanks to You and for your tremendous leadership Over the last couple of days and clearly In leading this group Um we’d also like to thank the country Leads of each of the working groups for The leadership and support they’ve Provided throughout the year we value The cri’s input and perspective on Enhancing this work to combat and Protect against ransomware On on a personal note as someone who has Deep roots in the National Security and Intelligence community in Canada but With very limited access to the Ransomware discussion I have found this A profound master class so thank you Very much to colleagues who have greater Knowledge than I do and I think it’ll be Very useful to me in the leadership role I’ve assumed that the Department of Public Safety so thank you very much for That I will personally take away some Interesting Reflections on the parallels To Old approaches that we have used to Counter National Security threats and There are many lessons that we should Derive from that but of course to the Radical differences that we’ve been Talking about in particular the private Public sector piece of this and just how Important it is for us to think outside Of the box and that is sometimes very

Difficult for old intelligence Professionals to do that type of thing But a really important reflection for us Um ransomware as we’ve all talked about The last couple of days growing national Security threat it in Canada it Compromises the safety of Canadian Citizens the security of their online Environment and the prosperity of our Economy the same is very true for all of You and this is why the government can And engages in a variety of domestic and International efforts to address Ransomware and other malicious cyber Threats Domestically we have a national cyber Security strategy it was announced in 2018. it’s currently being reviewed so Today in yesterday’s discussions have Come in a very opportune moment for us As a significant input into the renewed Cyber strategy we hope to uh to deliver In the coming months uh Canada is going To continue in that strategy to Foster Secure and resilient systems and Innovative and adaptive cyber ecosystem And effective leadership governance and Collaboration Furthermore this past June we announced Further steps to strengthen our cyber Security with the introduction of a bill And act respecting cyber security this Proposed legislation will protect Canadians and bolster cyber security

Across the financial telecommunications Energy and transportation sectors and Require mandatory reporting in some Situations we look forward to sharing With all of you some of the lessons that We learn as we embark on that work Internationally Canada is proud to work Collaboratively with a number of Partners including the CRI to more Closely align policies activities public Messaging and Industry engagement Again you’ll know Michael our commitment To supporting you as we shape this task Force upcoming and our interest in in Delivering on some important immediate Impacts As we continue efforts to mitigate the Threat of ransomware it is a vital Importance that we come together and for Like these to identify where International coordination can be a Force multiplier as we’ve discussed over The past few days to make our policies And efforts more effective we’ve had Success in this space before and I Remain optimistic that our Collective Work will show real achievements thank You very much Thank you Canada Croatia Czech Republic please On behalf of the Czech Republic I would Like to extend my appreciation to the Deputy National Security advisor in

Neuberger in the United States for Convening this year’s country ransomware Summit Ransomware is a national security Imperative We can no longer see ransomware as a Type of organized crime carried out by Non-state actors cyber criminals very Often act in close coordination and on Behalf of States including Russia Ransomware has become a great source of Illicit profit for authoritarian regimes And we must work together to counter This threat We are particularly concerned with the Rise of ransomwareza service Ransomware groups are being increasingly Instrumentalized by Russia including in The context of ongoing Russian Aggression against Ukraine The Czech Republic is not immune to Ransomware we faced ransomware attacks Targeting our hospitals transport Infrastructure and universities We remain committed to strengthening our Resilience sharing threat information Improving detection and holding Ransomware actors accountable Let me make five final points first Regulatory framework and incident Reporting obligation play a key role in Detecting ransomware attacks Such obligation exists in the Czech Republic since 2014 and has proven

Fundamental in protecting our critical Infrastructure Second tackling ransomware requires Adjustment in our law enforcement and Investigation procedures we will Establish a new unit dedicated to Terrorism and cyber crime under the Police of the Czech Republic as of January 2023 Third we must share the same thread Picture with our like-minded and Industry Partners join cyber threat Intelligence and situational awareness Is essential to combat ransomware For We need to consider all means including Diplomatic measures sanctions in our Collective reaction to ransomware Attacks And finally Resilience in cyberspace is also one of Our key five political priorities of the Ongoing Czech residency in the Council Of the EU The Czech Republic remains committed to Working with like-minded countries and Invites other states to join country Ransomware initiative today to combat Ransomware together Thank you Thank you very much Dominican Republic The government of the Dominican Republic Is pleased to respond to reputation to

Be part of the Contour counter Ransomware initiative thanks very much We recognize the leadership and the Great work that the government of the United States has done in relation to This initiative and the leading role of The countries that coordinate the Working groups my respects and Congratulations to all of you As a country who has been straving for More than 20 years to contribute to a Safer global Service space we are Honored to be part of this initiative And look forward to working together With other states and interested Stakeholders to accelerate cooperation To counter ramsumer including improving Collective resilience addressing the Misuse of virtual currencies to launder Ransom payments and investigating and Prosecuting ramsumer criminals We are immersed in an intense process of Digital transformation and given the Complexity of the threat that did that This entails we have focused on our National cyber security strategy on Collaboration principles that allow us To promote connectivity democracy peace The rule of law sustainable development And the enjoyment of Human Rights and Fundamental freedoms however The government cannot achieve our cyber Resilience goals alone the private Sector owns and operates much of our

Nation’s critical infrastructure there Is only one way to defend the state of From cyber threat and that is through Government industry and Civil Society Working together sharing appropriate Information and raising awareness and Education as allies behind the same Goals It is for this reason that participating In the counter ramsumar initiative is of Strategic importance to us who are Contributing to the achievement of the Objective of our 2030 digital agenda and The digital transformation and cyber Security cabinets both coordinated by The ministry of the presidency with the Full support of our president of the Dominican Republic Please use our beautiful island in the Caribbean as I hope to invite all the Latin American countries to join this Initiative We highly value the results of the Working groups and the contributions That each of the countries represented Here have made based on their experience And the realities These efforts are demonstration that we All aspire to have strong democracies And protect our citizens and our Economies Therefore count with the active Participation of the Dominican Republic In this initiative which is fundamental

To building secure server space in our Region thank you very much Thank you very much the remainder Members of the CRI are wondering why the Invitation to your beautiful island is Only extended to Latin American Countries Thank you we turn to Estonia Thank you um I’m pleased to announce that quite Minister in it people are already in the Dominican Republic During there’s some some projects uh Especially focusing on the regional uh Cyber security issues Um Let me let me make three points First of all Um I am so grateful that that this group is A Global Group at least with a global Reach and Global ambition Um otherwise We we tend to kind of have this Reputation Uh at least in the in Europe in north Northern America America that we have Some kind of own agenda This is not not the case because we’re All sharing the same Challenge and we Need the same Solutions Um A second second aspect that I really Enjoyed uh with this work here is is This action-oriented approach

And this is definitely something we Should not We we should keep the focus on on this Actual oriented approach because There are so many initiatives that Starts with a with a hooray and and then There are more and more issues coming Coming to the table and and in the end It’s uh it’s a really General work that Has been done Um I’m definitely taking back some uh some Ideas on how We can also use What we have in Estonia for the benefit Of this group and we talk about Different cyber exercises and we have Been doing many of these uh we’re doing Talking about different institutions or Cyber capabilities that we have Um I’m definitely going to come back Next time with a much bigger package Hopefully Um But this definitely gave me some good Ideas To which direction I should be looking At And I’m also very optimistic about the Dialogue with the industry Um I think it showed quite clearly that There’s so much more to talk And so much more ground to cover so that

We would we So we could be on the same page So uh with this point said thank you Very much and I really look forward to Uh to the next time tables and and the Next plans thank you Foreign That we each contribute as well as gain From this particular group European Commission please thank you and I I Don’t have prepared remarks I agree 100 With what everybody has said I’m sure I Will agree 100 of what others are still Going to say and just coincidentally I Also have three points that I wanted to Make I was just thinking I mean what is A historic building what is historic What we’re doing here I mean I think What we have achieved of course starting A year ago under your leadership but Then I think yesterday and today I think We’ll look back in the future and say This was a decisive turning point in the Fight against the ransomware I mean Would agree to join forces we’re agreed To broaden and deepen Our cooperation I mean Broad and I also Need to think about the European Union We’re not here around the table with 27 Member states with a few more to come Hopefully next time and Broad and also In the sense of the global South I hope Everybody will will do the necessary Outreach Broad and also in the sense of

We need to find ways to associate Integrate the private sector and Hopefully in the context of the further Reflections on the on the task force I Mean we’ll we’ll see concrete proposals But I think what we’ve been doing here We are very powerful together I’m very Kind of I go home or home I mean after These meetings aren’t optimistic that This is something it’s a fight we can Win so there was the and and thank you Aaron and thank you to the chairs for For your leadership I think for the Excellent discussion also for your Listening to I think what was going Around to debate we evolved over the Last say 24 36 hours so this this was This is great I think somebody at the Beginning yesterday I think it was Marguire said we need strong commitment Of everybody I mean the EU has that Strong commitment I I have full Confidence that that’s true for Everybody else that is my first point The longest the second is very short and I come back to it and it’s like a stock Record there are excellent Recommendations of the financial action Task force and I think some of you I Mean Giles and David and also over lunch At the treasury Implement them I mean this will if this Is like about fighting fires the best Way to fight fires is to take oxygen

Away yeah because then the fire will Extinguish itself the fire cannot rage On without oxygen if you take the money The incentive away a lot of the fire Will simply die because it’s not worth Any anymore the business model has has Failed so if we could all take that Commitment maybe by the Second anniversary of the of of the the Counter ransomware Summit that we’ve all Implemented it and then enforce it that Would be absolutely great The third is we can learn a lot from Each other the exchanges of best Practices I mean we in the European Union we have I mean to Czech Republic Refer to that we have security breach Notification we we have kind of further Measures in the work we’re also now Working on securing objects that are Connected to to the Internet so there’s A lot that we can share with you and we Have not found the stone of wisdom in The European Union I’m afraid of having Looked for it for a very long time that It may not be in the European Union and If it’s somewhere else in your Jurisdiction then please allow us to Share that stone of wisdom with you but There is a lot that I think also in the Follow-up we can learn from each other And the European Union stands absolutely Ready to uh to share its experiences Both good and bad with you and with that

Thank you and uh looking very much Forward to the next steps thank you very Much Michael kicked off by saying we are In this together Jared as you noted we Are powerful together so that is a very Those two comments really very much our Bookends of what we’re seeking to do Here thank you France Well thank you very much Anne thank you For this initiative Um well I’m also optimistic and I also Have three points so I think we learned The same thing in our different schools Um well optimistic we were both kidding Because we are not talking about a very Very complex cyber attacks coming from Big states with unlimited means we’re Talking about cyber criminals And the problems does not come from the Skills of those criminals even if we Don’t Have to underestimate them but the Program comes from a huge variety of Very weak potential victims So that’s why this initiative is Important So my three points the first one is that Whatever we do If we are not able to convince those Weak victims That they must protect themselves they Must work on their security they must Try to detect the attacks They must prepare for the worst things

We can do whatever we want it will fail And today this is the main problem and The discussion with the private sector Was very interesting because we see that We all have a kind of responsibility but At the end we are not yet able to Convince all those potential victims That they need to protect themselves but It’s their problem So prevention protection must remain the Top priority and I don’t have the magic Solution to to push this idea The second thing is that efficient Solutions requires International Cooperation that’s what we are doing And also private public partnership Alone That’s my experience but I’m sure you do The same we just do Kind of emergency medicine And well I like to help people I like to eat Companies with hospitals and so on but It’s not a solution And This cooperation is exactly the spirit Of this ransomware initiative and I have to make some advertisement either For the spirit of a Paris core for trust And situated in cyberspace But again I joke but This is the same idea to get all the Stakeholders around the same table to Try to find collectively some solutions

And finally my last point is about Insurance it was very clear in our Discussions that insurance can be part Of a solution it is part of a solution But it can also be part Of a problem So if we are able to find some good Rules and to collectively Implement Those rules can be done only at the National level or even European level it Must be International level if you are able to Implement good rules Insurance will be a part of a solution Thank you very much Thank you very much we will now turn to Germany and I want to thank Germany as Well for leading one of the five CRI Panels the the diplomacy panel thank you Thank you and I would also like to start My remarks with echoing what previous Speakers already said and thank you for Your leadership and also for all the Work that has uh gone into this into Organizing this event I have three and a Half takeaways so I obviously have been To a different school Um the first one is what I take home From here is Um the impressive model of the US team United States Across government Um engagement and Dedication to to the cause and this is

Something that certainly can be improved At least in the German system and I take It away as something a challenge also For our system Um second you mentioned already I Invested most of my time here in the Diplomacy working group I take home that There is a strong support for what for What we do also as diplomats to support Practitioners Endeavor to combat ransomware to combat Cyber crime we have several venues where To do this the ATO committee on cyber Crime where a new treaty has been Negotiated on the global level is one But also smaller opportunities And where we can become visible also as A pressure group to combat cyber crime Like the Paris peace form where we Chairs meet again at the end of next Week My third point is we need more capacity Building and this is something that we Have on our agenda for the next 12 Months to come up with some concrete Ideas for capacity building projects I’m Very grateful for U.S commitment also Here to uh to be part of of this effort As a G7 presidency we have started an Action plan with ecowasu with western African countries and I’m very happy That Nigeria volunteered to co-chair the Next round of the Diplomatic working Group together with me and my half point

At the end is this has been a very very Productive session So reporting home will be a nightmare It’s far better than the alternative That France highlighted during the Discussion thank you very much Germany We’ll now turn to India with thanks to India for co-leading the resilience Working group Thank you Anne for being the mentor of Our group Good evening ladies and gentlemen There is a phrase that we are all Working shoulder to shoulder and it can Be best exemplified in the way we are Sitting and the way we work in the last Two days And I think if someone takes a picture Of this table This powerful table it’ll send some Shivers down the spine of these Criminals that we are chasing So with that positive note at the outset Let me complement all the participating Nations for being part of this first in Person and second historic Congregation Of government representatives and Private Partners in this CRI Appreciate the U.S initiative of Bringing 36 Nations and the European Union on a common platform to discuss And find solutions to improve our Domestic as well as collective Resilience misuse of virtual currency

And need to investigate and disrupt the Network of perpetrators of this Ransomware The exponential growth of ransomware Attacks worldwide has underscored the Need for Global and Regional cooperation In both mitigating the attacks As well as devising internationally Accepted policies and procedures to Attribute and disrupt the threat actors At the domestic level governments should Consider law enforcement and incident Response policies addressing ransomware That can also benefit the overall Resilience of the nation industry as we Have seen as an important role to play As well not just in instances where Critical infrastructure is owned and Operated by the private sector but also When it comes to the Cyber Insurance Sector India has been at the receiving end as We have been facing many ransomware Attacks on our critical infrastructure To counter this Menace we need to work Collectively with countries and combine Our Collective knowledge expertise and Capabilities to disrupt and degrade the Ransomware ecosystem and hold Accountable those that are responsible The counter ransomware initiative has Given all of us this platform and Opportunity to brainstorm and get the Most tangible outcomes from the

Discussions in the five working groups In fact by virtue of these discussions We have improved our comprehensive and Holistic understanding of the strategies Used by ransomware actors and the means By which their malicious activity can be Identified and addressed in respective Jurisdictions by improving our tools Texts and procedures Our experience as the lead in resilience Working group along with Lithuania was Indeed an intense experience We also saw during discussions that Public private partnership has emerged As a point of consensus which can be an Important aspect of effective incident Response efforts many ransomware victims In the private sector do not have In-house capabilities for addressing and Remediating ransomware incident a basic Incident response infrastructure like The proposed Joint Task Force can play a Significant role in these cases Sharing of timely threat intelligence Amongst the stakeholders will also give The required situational awareness to Prevent the incident India will be Keen to collaborate and Cooperate with the CRA member countries Encountering the threats emanating from Ransomware attacks for which we will be Focused on expanding the capacity Building activities information sharing Enhancing sir to cert cooperation

Establish and share guidelines on Sector-specific cyber security standards And practice the same through the Conduct of biannual cyber exercise We also propose to establish a dedicated Ransomware platform Called malware course to support analyze Share and collaborate counter and Similar activities for responding to Ransomware incidents this platform as we Demonstrated to you yesterday will also Carry out the analysis of ransomware Artifacts and samples and also act as a Repository for these samples To conclude I would like to say that it Is our Collective responsibility to Ensure that the global cyberspace is not Dominated by criminal activities like Ransomware and we create a safe secure And resilient cyberspace for a future Generation I wish this unique Coalition Converts our Collective resolve into Ensuring a ransomware free cyberspace And I’m sure that the network effect That will happen after the task force is Formed will exponentially increase our Response to ransomware finally India Thanks USA and Team n for hosting this Event I wish the non-dc members safe Travels back home to your countries and Thanks also to the UK and Australia for The champagne thank you very much Thank you very very much India for the Gratitude for all the contributors let’s

Turn it over to Ireland Thank you chair Um I suppose first of all I’d like to Thank un and the NSA and NSC staff with Me for the uh the vision and leadership In getting us to this point in the first Place and coming up with the idea and to The the work group chairs for for all of The hard work to bring the various Different work streams to the point that They are I mean context we briefly Everybody knows that ransomware has Grown from a nuisance issue to being a Real proximate risk to National Security And our future Prosperity Um and that kind of cross-cutting Dynamic International problem requires This assets a Global Response Um I’ll introduce a concept from from Irish history of a metal it’s a Cooperative it’s a group of people who Come together today with a task could be Any task a harvest whatever it might be They work together in Collective action To do something that an individually They can’t Ireland is proud to be part Of this new Cyber Mahal forgive me Um which will hopefully help us all work Together to achieve something we Couldn’t do alone to break the back of These ransomware operators Um we’re particularly proud to be part Of this um disruption by Design I’m Stealing that saying categorically

Um processing and taking the fight to The bad guys as quickly as we can Um also we’re particularly uh happy to Be able to exercise our diplomatic Labors as far as they exist to help put Pressure on those countries that Continue to Harbor the actors who are Responsible for this ultimately Ultimately there are people behind this Not just in sense8 objects and lastly We’re particularly happy to be able to Work with Private Industry to help Encourage and move people along to a Path not just towards greater resilience But also towards greater information Information sharing what governments as To what is actually happening out there We all are short-sighted as to what’s Happening in the in the real world for One better term Um and finally we’re particularly happy To to work on the joint country Ransomware task force it offers a really Significant opportunity to collect be Engaged with these issues in a dramatic Dynamic way and also of course lastly Poses a challenge just to a challenge to Us all domestically to better organize Our own domestic functions to take down To remove to police to engage with the Threat across our communities whether It’s Healthcare government or the Private sector it’s a collective National International effort and thank

You Thank you very much Ireland for those Comments we’ll turn it over to Israel Thank you first of all thank you Ann for Leading this initiative and to your Staff for supporting and suffering us And to the chairs that they did a great Job during the last two years and during Those two days Uh ransomware is a national security Issue we see that in many countries also In Israel We are Building our Fusion cell that Incorporates shoulder to shoulder the Israeli National cyber director at the Israeli National Police the Privacy Authority and FIU and we see the CRI as A force multiplier for this local effort This is the gate to the world and the Both for supporting this initiative and For receiving added value from this Initiative Five takeouts that I took from the last Two days the first one is uh hopefully In the next year when we sit down here We have started to solve the issue of Visibility of understanding what is Happening in the ransomware environment Who is being attacked how much we are Paying uh so Getting this visibility is a very Important Cornerstone Second maybe we have started to think

How to solve the legal International Legal issue so we can Get the attackers on a cyber face pace And not on legal Pace Otherwise we are in a problem so Thinking about this during this year is Very important Third thing is uh again working shoulder To shoulder in the task force and in the Fusion cell uh to deal with the Spaghetti the meatballs and the plates Uh Great framework And this is something feasible this is Something that can bring real value this Year to us Fourth is the private public partnership I believe that after uh seeing a small Sample from the industry we have a lot Of work to do But still they are crucial part of the Solution Talking about security by Design and Default and disruption by Design uh Auto Patching getting the visibility that We’re talking they are part of the Solution and they should be again with Us shoulder to shoulder sitting in this Table Last but not least information sharing Platforms we saw two excellent examples Of uh Initiatives by Lithuania and by India Malware Kush is something that we know

How to say already and we didn’t see the System yet but a lot of potential and we Together with the United Arab Emirates Will be happy to contribute a part of This solution of info sharing to the CRI So thank you very much and looking Forward for the next year Thank you very much and thank you for Noting some of the statements that we Can all chuckle about as part of the Human part of partnership from Disruption by Design to shoulder to Shoulder to private public partnership And with thanks to the Dutch national Police none of us will ever look at Spaghetti and meatballs the same way Let us turn it over now to Italy Thank you first of all let me join my Colleagues and thank you madam chair and The youth team For this key initiative and for Organizing and hosting such a successful Event I would like also to thank the Chairs of the working groups and the Participating members for their Significant contributions to our Strengths of work If as it has been said cyber is the Ultimate team sport we can say that the CRI conference as underscore an Excellent interaction among very Committed team players which recognized That ransomware is a growing Global Threat that requires a joint

International response Cross-cutting and holistic approach is Therefore extremely relevant bringing Together in a synergic way the various Actors involving combating ransomware Connecting resilience Mechanism with disruption and other law Enforcement capabilities as well as Instruments to cancer the profitability Of the ransomware model This joint efforts should also involve The research community and the private Sector in this perspective we think that The Strategic vision and the pragmatism Which characterize the current rational Initiative Have the potential of attracting new Members we know that we are advancing Into to some extent and chartered Waters But we are confident that we can Effectively face the challenge of Ransomware if we join forces in a Concrete way At at the same time we think that these Timely conference has reinforced our Awareness that change cannot be Postponed in our approach to counter This set of destabilizing criminal Activities recognizing that our fight Against ransomware is per se Multi-dimensional we welcome the Flexible platform of cooperation That has been developing by CRI Including in its possible crucial

Interaction with the private sector Against this background Italy welcomes The establishment of the counterassumer Tax force that we consider a very useful Tool to promote further collaboration With that within our community which is This is something important to us is a Community of values I’m glad therefore To reiterate Italy’s strong commitment To the CRI and our willingness to offer Our contribution in order to reach the Important objectives delineated in our Joint statement thank you Thank you very much Italy we turn it Over to Japan Thank you the second CRI Summit he has Been a great success so it’s already Evident and we appreciate Miss newberger And her team for taking vegetative to Organize this event In our gratitude also goes to the lead Countries of the working group for their Valuable work Getting to it together in person was Significant Because not only did it allow us to Discuss the substance but also we were Able to show the spirit and solidarity Particularly sitting shoulder to Shoulder in this room Cyber security vulnerabilities are risk Factor for the entire world that’s why Japan value cooperation with like-minded Countries

In Japan damages from ransomware have Been spreading a hospital Was targeted and is suspended the Provision of Medical Services A major automobile manufacturer Suppliers holded the manufacturing Operation and shipment of motor mobiles Yesterday so the very yesterday a Cyber Attack occurred Into occurred and caused the Interruption of medical services at Hospital in Osaka and 146 cases of Ransomware attacks were reported to the National Police agency in 2021 And in the first half of 20 2022 the Number has already reached 114. And the number is increasing steadily So in the case of Russian against Aggression against Ukraine we are aware Of the Cyber destructive cyber attacks Using ransomware and similar means had Started before the physical aggression To Ukraine And we have to recognize this as a National security threat not only just a Economic threat Thus it is important for critical Infrastructure operators in private Business and our government agencies to Prevent ransomware damage from occurring But also it is a important challenge how To stop the social and economic Disruption in a short period of time After the event

Japan has provided information as cyber Security Council and the guidance for Sharing and Publishing information Cyber Attack damage regarding public-private Partnerships and we expect that it can Be referred to as the case studies to Promote information sharing between the Public and private sectors to be Promoted by the CRI in the future In addition the promotion of existing Capacity building programs including Multi-stakeholder efforts as indicating The CII statement is an important Initiative to combat ransomware Japan has been providing capacity Building support mainly in the Indonesia In the Pacific region including asean Countries in light of the growing Importance of in the Pacific region we Plan to continue providing strategic and Effective support in cooperation with Various actors such as like-minded Countries International organizations And Industry in Academia International Cooperation against ransomware threat is Important we will continue to work with CRI partners Lastly Japan would like to emphasize the Importance of building on the framework Of code of conduct for responsible States agreed upon at the United Nations And its National implementations as is Mentioned in the CRI statement This is important to enhance the

Rule-based international order and Japan Looks forward too working with the CRI Partners to secure a cyberspace that is Free fair and safe thank you very much Thank you very much Japan Kenya First of all I’d like to say thank you Very much to you Ann and your team for The great leadership that you provided Unto us and to the U.S for the Leadership in this Summit as well as the Lead countries that have taken us Through and have been guiding Us in this Process Kenya has made strides to boost her Cyber cyber security capacity by Enacting the Cyber Crimes Act and Antimonial anti-money laundering act as Well as other legislation and we are Soldiering forward to continuing with The fight against ransomware Kenya is looking forward to working with Other CRI members to counter this global Global threat that is affecting all of Us in Kenya just like in many other Countries has faced cyber attacks and With growing digitized digitization we Can only grow stronger coalesce our Efforts and work together as partner Nations We look forward to becoming a more Engaging partner to fight ransomware If CRI initiative is a formidable Platform and we look forward to more

Partner Nations especially from the African continent to be part of this Great initiative to find Working Solutions to the to fight the challenge On a personal note I have learned a lot Out of these great discussions that we Have had in the past two days and once Again I thank the U.S for hosting us and For the leadership in this initiative Kenya is honored to be part of it and we Look forward to more fruitful Engagements together let us fight to Counter ransomware to protect our Countries our businesses our economies And our citizens thank you very much Thank you very much Kenya let us turn it Now to Lithuania with thanks to Lithuania for co-leading the resilience Working group with India Thanks thanks Dan and thanks for those Two days of very inclusive and Stimulating discussions I I would say And I have two short takeaways and one Quick comment so my my first takeaway And I would join those who are Optimistic you know looking to to the Future I think although yesterday from From some presentations we could uh get A sense that despite all our efforts we Are losing I think it would be a a wrong Mindset to think of I think we are not Winning yet So that is the right uh mindset and I Believe that we are in a better position

When we were one year a year ago I think That is uh you know we should we should Acknowledge that you know building uh The uh relationship and cooperation we You know we we are really better off uh Today and uh and looking to the future With uh the task force I think we will Be even even uh better better prepared To To address uh be ransomware threat The second uh second takeaway uh and uh You know my favorite topic uh commitment I I think that and you know those two to Today’s Show the that the you know Different countries are bringing uh Different commitment to the table and That is uh that is important you know The commitment you couldn’t understand By you know National efforts you know What you do nationally also you know by By what you contribute to the to the Collective uh effort so so that is uh You know you know we see that commitment It’s good and we should continue you Know bringing uh that that commitment to The table uh only you know by this we Can we can have a result you know on our End we will uh we will continue uh Facilitating the information sharing uh And and and I think uh that is that is You know as it was a highlighted many Times a very important role And last but not least the command which I probably had to make yesterday because

You know that we had a very stimulating Cyber diplomacy discussion uh yesterday And I think uh you know both Camps or you know how you say it were Right yesterday uh definitely in in the Context of this initiative we are Addressing and dealing with with Criminals uh and and that is uh that is That is true but we should not forget Where in almost 75 of of ransomware uh You know attacks are coming from this is Not a coincidence but we are coming from Russia so we can be successful halfway If we approach it only as a criminal Activity we can you know win this if we You know approach it comprehensively you Know this format is probably not the one We we have other means uh probably and And Ukraine I I hope is it will help us To to solve to solve this issue so so Really you know really really optimistic About uh you know what you what we are Doing and what we can achieve together Thanks Thank you very much Lithuania we will Add that to our CRI quick statements we Aren’t losing we’re not winning yet Excellent let’s turn to Mexico Good afternoon thank you very much for The invitation to participate in this Second CRI submit During the previous year Mexico has Participated in five working groups Where we have shared experience

Recognize challenges and acknowledge Opportunities to prevent and combat Ransomware In Mexico we have implemented a national Cyber security strategy with the main Objectives to execute the homologous National protocol for cyber Incident Management Developed by National Guard This protocol promotes the adequate Implementation of the risk management Vision And cyber resilience based on International best practices As well as preservation of digital Forensic obedience and presentation of The case before the public prosecuted Officers office to guarantee the Prosecution and administration of Justice In this context a National Guard’s main Objectives is to influence a cultural Change to deal with the illicit use of Information technologies that lead to Attacks such a ransomware The purpose is to educate citizens and Public and private institutions on Dealing with this type of activity Which constitute a crime Currently Mexico has the necessary legal Tools to sanction those who engage in This type of illegal Behavior ensuring That there is not impunity for cyber Criminals

The National Guard has giving Workshop About this protocol to around 50 public And private entities and has trained Approximately 400 officers who are Responsible for cyber security with a Multi-dimensional risk management Approach Furthermore Mexico is working with United Nations tours comprehensive Convention against cyber crime This will allow the foundation for a Globally hilative harmonization That will combat the impunity of those Who make illicit use of information and Communication technology Currently Mexican Congress is preparing A bill in coordinated in coordination With different sectors of society that Will provide a legislative framework for A comprehensive cyber security model The CRI must concentrate on the Following Challenge and opportunity to This manual the continued threat one Create a protocol for preventing and Investigating ransomware crimes that Define the roles of the multiple Stakeholders acknowledging the Interdependence between actors and the Previous sector role in preventing Containing and contributing digital Obedience It is crucial to highlight that unlike Conventional crime in cyber crime The Obedience in is in the hands of the

Third party Particularly in the extensive Information and communication technology Companies therefore a partnership with Them to provide obedience prompt will Lead to an adequate prosecution of the Case Two develop a toolkit for the Cris Members that allow for a specialized Police to act as a field responders to Obtain The Obedience for the different Lines of Investigations three Implement a comprehensive system for Investigating investigating and tracking Crypto assessed using the tools Other Nation have developed an example of this Is Australia’s graphs and tools For Create a database that may identify Different type of malicious actors that Operate in the ransomware ecosystems Five Promote the implementation of an Approach system that collects Cyber Attack information to share it with Other countries without rebelling the Identity and vulnerabilities of the Victim Mexico is committed to seeking a free Cyber space Where human rights are respect and the Exercise of legal activities is warranty To promote economic political and Social Development for the benefit of our

Countries thank you very much Thank you very much Mexico and thank you For the actionable suggestions as well The Netherlands First of all Um I also would like to thank our American hosts for your leadership and For organizing these excellent summits And also many thanks to the working Group leads and participants that have Worked out throughout a year to bring Our Collective work forward But since we met last year the amount And object of ransomware the tax has not Decreased in fact Ransomware has taken a industrial Proportions in terms of victims damage And criminal proceeds and together we Need to scale up our efforts accordingly And we need to do so with all means Available just to show the permatic Technical and Financial And uh in criminal investigations is Always Um uh and here especially important to Follow the money Countering the illicit use of crypto Assets is a key issue in combating Ransomware and therefore deserves a Specific attention And not only are enhanced know your Customer rules for crypto assets and Asset server providers necessary on a Global scale

We also need to step up our law Enforcement efforts in tracing crypto Transactions that conceal criminal money Flows and facilitate money laundering Cooperation across borders and Boundaries remains essential recently as You’ve already heard from Teo thanks to A tip from a cyber security firm the Dutch police was able to trick a Ransomware actor and get hold of 150 Decryption Keys allowing files of Victims in 13 countries to be unlocked And this case illustrates that working Together both in internationally and With the private sector and being Creative leads to results Apart from disrupting their business Model around severe actors and their Neighbors need to be held to account and Brought to Justice no matter where they Reside or operate and this also requires Strong International cooperation The recent arrests in the Netherlands of A developer of a so-called crypto mixing Service suspected of being used to Consume large-scale criminal money flows And the recent U.S conviction of a Member of the networker Gang demonstrate our Collective Commitment to proceeding um Pursuing criminal actors Innovative tools a framework that build Upon and optimize the use of existing Platforms

As well as cooperation across brothers And brothers borders and boundaries They’ll be instrumental to enhancing our Resilience and to keep countering and Preventing them somewhere effectively I want to express my gratitude to all Call Expressions it has been inspiring To discuss these important issues with All of you these past two days and I Look forward to our further cooperation And the Netherlands will clearly play in An active role in all working groups in The forthcoming year thank you very much Thank you very much Nigeria Okay good evening everyone it’s a good Afternoon Um I would like to start first of all by Congratulating the US for successfully Hosting the Second CRI Summit and the first In-person one with member Satan’s Shoulder to shoulder it’s really been a Great one having this network Indeed the benefits and relevance are Invaluable I must say the debate was Qualitative highly informative and very Directional A big thank you to the working group Leads for the very useful presentations And oh yes it’s one of the most Beautiful things having one of my gender On the other side at the center of the Day at the center of the table drive This um discussion excellently and

Productively Um Nigerian notes that a global problem Needs a global approach an international Cooperation is key in fighting cyber Crimes and in this case the Menace of Ransomware Nigeria recognizes the I’m sorry please Nigeria recognizes the Need to apply some of the universal best Cyber security practices that can Dramatically reduce the likelihood of Ransomware incidences and reduce risks From other cyber threats Nigeria is also committed to Strengthening and enhancing her existing Legal framework to ensure Conformity of The cyber crime and cyber security laws And policies with the regional and International standards maintenance of International cooperation required for Preventing and combating cyber crimes And promoting cyber security and Effective prosecution of cyber crimes And cyber security matters Accordingly Nigeria has done the Following It’s reviewed the national cyber Security policy and strategy in 2021 A key component of that is strengthening Of the legal framework which has been a Topic of discussion here an Identification of critical National Information infrastructure It established a computer Emergency

Response Team which is responsible for Managing cyber incidencies in Nigeria Which is housed in the office of the National Security advisor The NG search gives advisories based on Information guarded from other countries We’ve received um information from the UK the US Tunisia and um I think one of The country some who are members of the CRI Um it also houses the national digital Forensic laboratory which helps in the Extraction of digital evidence Though it has less than moderate trained And ready Workforce provision is made Within the legal framework to develop Capacity particularly in view of the Nature of cyber crime and that that’s Why this cautions on capacity building Is key for us as well It’s carried out an evaluation and Identification of critical National Information infrastructure in compliance With domestic legislation which is a Cyber crimes prohibition prevent Prevention Etc acts and the presidential Gazette as Well as work on modalities to develop Protection plans for the cnii is in the Works In considering information sharing is Key Nigeria created channels to Aid Information sharing between the Government and private sector as well as

With the public so we have sectoral Certs that manage incidences and Respects in their respective sectors and Then the link with the NG certs which Gives the relevant guidance to enhance Resilience It’s also established the Cyber crimes Advisory Council which is a creation of The law the Cyber crimes acts and it is Well manned by senior leaders that are Influential and are involved in cyber Security decision making it is led by The National Security advisor Noting that coordinated capacity Building has potential to serve as a Force multiplier in the fight against Ransomware it also initiated discussion Um with some International organizations And bilateral engagements to explore Avenues to help with capacity building For criminal justice sector actors that Are involved in cybercrime particularly For prosecutors and investigators which We see as very key to this issue It’s also initiated an amendment process For the extant cyber crime legislation To incorporate virtual assets and Virtual asset service providers so like Canada earlier mentioned discussions on The table are very very important to us And their take home for us so that we’ll Be able to also incorporate them in the Review process The amended money laundering prohibition

And prevention act 2022 now recognizes Virtual asset service providers as Financial institutions and virtual Assets as funds and defines predicate Offenses using virtual assets And um as okay yes and Nigeria has also Acceded to the Cyber crimes convention And the Budapest Convention of the Council of Europe in July 2022 which Will take effect for the country in November Nigeria notes the importance of um cyber Security awareness and the need to Imbibe the practice of good cyber Hygiene accordingly sensitization Programs were conducted by the office of The National Security advisor And this has covered both government and Public sectors and in some organizations Cyber drills were conducted Nigeria is also dedicated to joining Efforts in the disruption of ransomware Business model and Associated money Laundering activities by ensuring the National EML CFT framework effectively Identifies and mitigates risks which is Associated with virtual assets and vasp Activities Though there is currently no policy on Payment of ransomware the national FIU In collaboration with the Security and Exchange Council and the fintech Association of Nigeria are pursuing ways Through new regulatory mechanisms to

Enhance cooperation with the virtual Asset industry on ransomware related Information sharing Importantly the new proceeds of crime Act because last um this year we’ve had Two key legislations this is the second Of it recovery and management act 2022 It empowers law enforcement agencies to Seize and confiscate proceeds of cyber Crime including ransomware payments Um in conclusion Nigeria wishes to Restate her commitment and dedication to Eliminating safe havens for cyber Criminals within her territory and doing The needful to contribute to the global Efforts and this commitment is certainly Reflected in Nigeria’s active Participation in the work of the UN ad Hoc committee on cyber crime and um the Recenter session to The Budapest Convention by the Council of Europe I would like to say thank you To um Anne and the wonderful team for The warm reception thank you for the UK For a beautiful evening yesterday and to Australia in advance for a good one Today it’s been a pleasure thank you Madam chair Thank you very much Nigeria let’s turn It now to Norway Chair Jake CRI colleagues First thank you Anne and thank you thank You to the US for uh hosting us and for The CRI leadership initiative

I also want to appreciate the work being Done in the work groups between these Summits uh I don’t think it’s been Mentioned but there’s a lot of good work Going on between the meetings and and This leads up to our summits This is our first summit since Norway Joined the CRI initiative in February Uh Norway highly appreciates the U.S Initiative for increased account to run Somewhere cooperation corporations Internationally nationally and with Private company is necessary to come to This challenge of countries In addition to cooperation we also need Trust and transparency In our experience trust between the Police security authorities and the Victims of an attack is necessary to Combat ransomware This was Illustrated during the very Interesting session uh with the private Companies Information sharing has been a topic of Topic in most of our session these two Days Um it’s a challenging topic however we Feel that the CRI is a perfect umbrella For developing practices and areas for Information sharing And better information sharing between The countries Trust is also the preferred basis for Sharing necessary information between a

Victim of an offense and a police in no Way we have a long-standing trust Relationship between the relevant actors And I believe this is a strength based On all members benefiting from such a Cooperation Just a small example in 2019 Norwich and Oil Company Hydro with an office all Over the con all the continents in the World was attacked by ransomware the Attack caused the hydro 100 million US Dollars the organized criminals behind The attack was also suspected to have Cost 1800 attacks in a total of 71 Countries Hydro demonstrated transparency shared Information and cooperate cooperated With the police during the investigation After an extensive and international Investigation with corporations with Quite a few of the countries around the Table here criminals were arrested and The encryption keys were found Without such trust and international Cooperation uncovering this criminal Network and finding the encryption key Would have been very challenging Countering cyber crime is a high Priority of Norway replace focus on Strengthening the capacity to combat Such crime one area of strengthening our Capacity is through International Cooperation such as this great Initiative

So thank you for attention and I’m Looking forward to see you again at the Next Summit thank you thank you very Much now we will now turn to Poland Thank you very much uh the warmest Thanks to our American hosts I have to say I don’t think we have ever Been so close together That’s today uh so Uh so the camera ransomware initiative Gives a lot of Hope for the future of Fighting this exponentially growing Threat to National Security And uh I have three points of my own Like my colleagues had before and first Of all I’d like to stress that we have No time to spare and I hope that the Can-do attitude that is in this room we Will be able to take back to our home Countries go straight through the legal Security and all the other teams to make The actionable by action by items from Our meeting possible as soon as soon as We can and I hope that we will have many CRI members using the Lithuanian misp uh The Indian malware Kosh and Israeli and UAE system as soon as possible because That will be a measurable way to Calculate our success Second of all the I have very high hopes For the exchange of ideas in the policy Part during our conversations especially And the ones between the sessions I Think we found out that we Face very

Similar problems in our countries And the good news is that for each of These problems at least one country has Found a way to make significant progress So if we exchange information if we Exchange the ttps to achieve a success In fighting ransomware then I think we Will be able to progress a lot quicker Than we have to date And third and final Point I like to make is uh that seeing As our Summit has been a success I think We should uh make possible another event But for the operational people that work In our respective agencies in our Countries I think that if we want to get The flow of information going as quick As possible and I understand that this Is what everyone has agreed upon these Are the people that will actually make That happen so the sooner the better and I definitely hope they enjoy their many CRI Summit as much as we have enjoyed Ours thank you Thank you very much Poland and that wise Advice really ties very much to the Discussion of The Joint ransomware Task Force operationalizing a lot of what We’ve talked about and linking across The communities that we need to Effectively connect to fight ransomware So thank you Republic of Korea Thank you chair firstly I’d like to

Thank the U.S government for hosting This important meeting And uh to you chair for your excellent Leadership throughout the process Uh discussions during the last two days Served some valuable opportunity to Better understand Today’s evolving ransomware threats and Identify where our close cooperation and Collective actions are needed Today the threats have been growing to Be more prevalent and sophisticated Globally The situation in Korea is not different Within approximately 80 percent increase In reported ransomware attack cases Compared to the previous year In response to this Rising challenges to Korean government introduced a Comprehensive Policy named the plan to strengthen Responses to ransomware last year This plan includes various measures to Enhance prevention responses capacity Building and international cooperation Against ransomware Among the measures are the expansions of Cyber exercise of the critical Infrastructure Establishment of the software Development and security hub A stronger link between the information Sharing systems of the private and Public sectors

And artificial intelligence based Analysis of ransomware types and patents We hope to share our experiences coming Out from implementing these new policies Going forward As discussed in the Diplomat diplomatic Responses working group capacity Building remains one of the key to Eliciting responsible behaviors in the Cyberspace To descend the Korean government is Actively participating in global and Regional cooperation for cyber capacity Building As a sponsor of the U.N General Assembly Resolution to establish program of Action for advancing responsibility Behavior in cyberspace Career Delight to underscore the need to Establish an action-oriented mechanisms Within the U.S Specifically to enhance a peaceful Implementation of norms and encourage The exchange of the best practices and Capacity building Furthermore as a co-chair of the uh Asian Regional Forum international Meeting on ICT security Is actively participating in the Capacity building efforts against the Cyber threats within the region Online learning platforms internships And training programs will be provided By many relevant Korean authorities

To cultivate cyber Security Professionals in the region And also we are planning to host the Gathering of SM member state next year To further improve our cooperation Uh chair there was a discussion in this Year’s meeting to come up with the Cross-sectoral tools to fight ransomware Suggesting establishment of the International counter ransomware task Force Korea rejoined the efforts of the the Member states of the initiative to make Our cooperation mechanisms more result Oriented Including discussion on how to optimally Structure the task force The critical importance of the stronger Partnership among various stakeholders Has been reconfirmed in this year’s Meeting Our experiences have clearly suggested That the state-centric approach can no Longer be a solution Today we had a very valuable opportunity To listen to the voice of the industry And I hope that the discussion will be a Good starting point to facilitate the Effective partnership with the private Sector to address ransomware threats Together thank you very much Korea will Remain fully committed to working in Solidarity with the partners around this Table to establish a secure cyberspace

Thank you very much thank you very much We greatly appreciate Korea’s commitment Romania Dear colleagues ladies and gentlemen the Romanian delegation is privileged to Attend the second Summit of counter Ransomware initiative We Salute both the Overall concept of this initiative as Well as the robustness of the work carry Out so far We see this year is an example of Standing leadership of our U.S Partners In their intention to bring us together In the fight against this common thread A special message of gratitude goes to You and for your important contribution At the success of this conference thank You very much we have also message of Appreciation for the very good work done By by our chairs in their working groups Romania will continue to play its role In the fight against the ransomware we Will continue to have a zero tolerance Policy towards our actors carrying out Cyber crime operations from our Territory and we will continue to employ The full extent of the law encounter Equity counteracting them Throughout 2022 ransomware threats have Targeted both the public and the private Sector in Romania representing one of The top three threats to our cyber Security based on frequency and number Of attacks threat actors have primarily

Targeted our hems oil and public Administration domains Our commitment within the CRI must be a Long-term one such effort must include The development of capacities of legal Frameworks and of common tactical Operational and policy approaches we Support the multi-stakeholder approach To increasing our security and Resilience to these threats as we heard Today the private sector in particular Has a key role to play in preventing Reducing and responding to rational Threats the cooperation and partnership Between the public and the private Sector is an objective need and we have To build and expand it through constant Efforts we are also committed to Assisting Partners In Need To increase their capacity to deal with The threat of ransomware most Importantly however our commitments must Be of responsible State conduct Including in manifesting zero tolerance To threat actors within our territories When responsible State conduct is Intentionally and repeatedly disregarded We must be prepared to act together in Calling out the responsible Parts as Such Bridges could have consequences for The rule-based international order and Post long-term risk for us all for Romania ransomware is not only a crime As we cannot completely detach rain

Someone from the broader cyber threat Landscape and is also about values we Must protect the open safe and secure Cyberspace against those who argue that Freedom is just one of many options in The end I would like to thank our U.S Colleagues for bringing us together we Can only fight this trade together as Like-minded group and set the better Head together you may count on Romanian Advancing all the objectives of this Initiative and ambitious work plan Proposed today Thank you and I’m looking forward for Our next meeting and on a more personal Note you know I have few pictures with President Biden but I have no picture With vice president Kamala Harris so Please share with us a copy of the Picture with that together this morning Thank you You’re already in a picture on Twitter Thank you Sweden Well thank you Um I would like just to start by Thanking Nate Chris but most of all and Of course for this but actually most of All your team Um just looking over there for instance Uh thank you we’ve all been you and we Know how you know much work it is to put Something like this together Um so thank you to everyone for that Um

There’s been a lot happening since we Last got gathered in this forum uh Virtually Russia’s aggression against Ukraine has Led to a severely deteriorating Global Security environments and I just want to Reiterate take this opportunity to Reiterate our supports that our support For Ukraine uh remains uh I’m unwavering Um security threats are becoming ever More complex and the ransomware threat Is in particular dare I say a smorgos Board of different uh characteristics of The emerging Global threat landscape Um so it’s both a technical regulatory Financial foreign policy National Security challenge all at once and it Also requires making policy decisions With incomplete information in a Fast-changing technological landscape So in other words this is exactly the Type of problem that make most Bureaucrats very very sad and start Looking for exits and chocolates Um I’m pretty sure actually that there Are some of bureaucrats Among Us or at Least in Sweden that were you know Dressed up as ransomware for Halloween This year Um At the same time The effects are so Um clear and profound I mean it leads to people not being able

To buy food they lose their life’s work Affects the security of our health care Energy Supply the financial sector but It also really puts our interdependence In the spotlight And when cassaya was hit I was actually On an island in the Stockholm Archipelago enjoying the Swedish week of Summer Um I I had two thoughts when that happened One was I will not be able to get food Um because there’s only one store on This island And that was very unfortunate and it Made me made me very sad Um second thought though was that you Know if a Cyber attack on a company in Miami is preventing me from getting Meatballs and Herring for my kids in a Remote island in Sweden I’m really Living in a very interconnected world Um so I kind of came to think that you Know our joint Prosperity really rests On digital foundations And I think our reaction to these types Of threats really must be not to retreat To National capacities Well Um well not believing that we’ll be able To solve this problem through more Sovereignty or Independence I think we Need digital solidarity on this issue Um I think that’s also why this meeting

Is so encouraging I it’s very rare to See not just such a group diverse group Of countries but also such a diverse set Of participants from each country Um there’s like here we have people Working across like countries Ministries Agencies and companies Um and I think this is really one of the Few areas where we have as many facets Of the participants as the threat itself Is you know Um I also think we really desperately Need to come back to a more positive and Future oriented vision of what Global Cyberspace can be something that can Drive collaboration and Innovation and I Think this Summit Um really represents an important step In that direction Sweden has a new government since a few Weeks back cyber and Technology policy Will be a priority for us Um Also as we move to our presidency of the EU Um in the in the spring I can also Announce announce that we will be uh Together with Rwanda be facilitating the Negotiations on the new Global digital Compact uh in the United Nations And we really look forward to Collaborating with all of you thank you So much Thank you very very much both for the

Insightful comments and for the the call To action that you gave I neglected to Skip the colleague to my left Singapore With thanks as well for co-leadership of The countering illicit Finance panel Thank you very much first Um on behalf of Singapore I want to Thank the US NSC and all the staff for Organizing and convening this Summit and And for your personal leadership in this Initiative Ransomware is a cross-border problem It’s essential that countries work Together shoulder to shoulder if we want To effectively combat ransomware Countering ransomware is also a Cross-domain problem it requires cyber Security expertise law enforcement Levers Financial supervision Public-private Partnerships and Diplomatic engagement as evidenced by The diverse friends that we have around The room Just last month at the Singapore International cyber week Singapore Announced that we had formed our own Domestic National counter ransomware Task force earlier this year As we worked on it in parallel it was Striking to me how our conversations Both at this International CRI and our Domestic task force was so similar there Are obvious synergies in our domestic Work and the international work

I also am leaving here more optimistic Ransomware as I’ve learned is a Manageable problem if we break it down To the component parts The bad guys someone told me also have Budgets and bosses They have their own challenges if we Work together we can starve them of Oxygen we can make the environment more Hostile for them and break their Business models Ransomware is a common threat to our Respective countries companies and Citizens it poses economic social and Even National Security harm to us Interestingly we are all facing a common Threat the bad guys are out there we are All on the same side This is an area where countries from a Wide political Spectrum can find common Cause and work together Collaboratively by staying focused on Objective and practical Solutions With our shared commitment and Conviction to act against ransomware we Can make meaningful progress towards Establishing a rules-based multilateral Order in cyberspace One which is in accordance with International law the U.N Charter and The Norms of responsible State behavior In the use of icts from the United Nations gge process previously and the Ongoing oewg process which Singapore has

The honor to chair This will allow for a cyberspace that is More stable secure for our citizens Businesses across the world Singapore has been honored to Participate in this CRI effort and we Look forward to making further Contributions down the road thank you Thank you very much Singapore we now Turn it to Spain we thank you to Spain For leading the public-private Partnership working group as well Thank you thank you madam chair thank You and Um Thank you for your leadership all along These days these two days and thank you Also to you to your team A fantastic team with their enthusiasm And their professionalism and their Human touch at the same time Um You know Spain welcomes the visible Success of this initiative which already Brings together so many partners United in the face of a common challenge Which is the fight against ransomware Spain has been working during this Month’s uh In the field of private public Partnership contributing with our National experience and I would like Also to praise and to thank the work Done by my colleagues of the minister of

Interior and also of those colleagues And partners that have been working in The same working group And to all colleagues here around this Table from whom I learned so much during These two days Um Ransomware is a threat to States To private companies and especially to Our citizens It is therefore necessary to address This Challenge from a comprehensive Approach And at all times encourage public Private collaboration The private sector rounds and operates a Large part of our country’s Infrastructures hence including them in The debate Is essential to achieve greater Resilience But when we talk about Public Power and Public private partnership I’m not only Thinking talking about collaboration Between government agencies and private Companies but also about collaboration With Society at Large From independent experts to think tanks Academia and citizens as they are the Main stakeholders and end users of Digital Services Raising awareness among Civil Society Must be a priority Though public opinion attention focuses

On attacks on Dutch companies ransomware Attacks targets Any small and medium-sized Enterprise And individuals The social impact that this type of Attack can have is too severe And deserves utmost attention Moreover increasing public-private Synergies will allow for a better Understanding of the threat and a more Comprehensive response Engaging citizens and other stakeholders Will help expand the visibility of the Public sector in the fight against Ransomware and simultaneously increase The efficiency of cyber security Measures both financially and in terms Of threat awareness Information sharing is key to gaining an Accurate picture of risks Vulnerabilities and threats Systematizing and institutionalizing the Exchange of information will be a good Step forward In that sense we welcome the Establishment of the counter ransomware Tax Force to improve our analysis by Exchanging intelligence as well as the Pilot information sharing platform to Facilitate such exchanges with the Private sector Finally the fragmentation of cyberspace Continues to grow but Regional and International cooperation can bridge the

Gap in knowledge Technologies best Practices and capabilities to fight Ransomware Cooperation with other countries in Capacity building must be a priority Across the screen and at all levels In this regard we are confident that the Proposed capacity building tool can help Countries and stakeholders to maximize Synergies with the private sector and Increase their resilience in dealing With ransomware threats Explain will remain committed to support And actively participate in this Necessary initiative thank you very much Thank you very much Spain for that Commitment we turn now to Switzerland Switzerland is grateful to the U.S for Organizing this very productive Summit Thank you also to the chairs of the Working groups who have been Instrumental over this past year to the Successful work of the working groups Ransomware attacks can have widespread Consequences and cause considerable Damage and human harm Ransomware actors operate in all corners Of the world so a cross-regional Approach is essential Switzerland joined the CRI because we Believe that the international Cooperation is key to address and Counter ransomware The CRI provides an excellent framework

To exchange information and Lessons Learned on the key elements that make up The ransomware ecosystem from technical To diplomatic aspects The working groups provide valuable Platforms for comparison exchange and Discussion among relevant National Experts those exchanges are conducted in An open and transparent way based on Mutual trust from Switzerland’s Perspective this has provided a very Valuable opportunity to draw comparisons With the actions of national agencies of Other states including law enforcement Technical cyber Security Experts and Cyber diplomats to examine our own Systems and models Allow me to mention a couple of points That are particularly important for Switzerland Efforts to counter ransomware must be Consistent with the national law of the States involved as well as with the International law this includes International human rights law Indeed efforts to combine cyber to Combat cyber crime are designed to Protect the human rights not to Undermine them For Switzerland it is key that the Rights people have offline must also be Protected online An important part of these efforts Should be a consistent and strong

Implementation of the financial advisory Task force standards applying to Virtual Asset service providers including the Travel rule the standards are an Important tool to prevent and disrupt The threat resulting from ransomware Capacity building is essential for all States to contribute to the goal of Countering ransomware we are looking Forward to discussing and sharing within The CRI positive examples that aim to Build the capacity of states to enforce Relevant laws and to improve their Ability to cooperate effectively and Internationally also in the realm of Innovative technology to build secure Systems that provide a more secure Internet and digital infrastructure Because the majority of the internet Infrastructure is operated by the Private sector strong Partnerships with The private sector are key it is Important that those Partnerships are Based on clear understanding of roles And responsibilities that allow for a High level of trust It is important to enable and encourage Reporting of ransomware Acts at National As well as International level a solid Basis for decision making is key for Successful cooperation With a view to the Future work of CRI There are already a number of Well-functioning tools in use that allow

For sharing of Technical and other Information and support cooperation many Operated by the private sector We believe that the CRI is an excellent Platform to present and discuss those Tools including how they could be better Put to use in our view it is key to Avoid the creation of duplicate Structures at this point and leverage Existing tools and initiatives Switzerland is committed to continue to Support the work of the contrary Initiative thank you very much thank you Very much Switzerland we now turn to Ukraine Thank you uh there was a great summary By Switzerland of pretty much everything We talked about for the past two days I could say there have been productive Discussions great ideas Major challenges for all of us but Inspiring opportunities It is clear that we are united in our Vision and understanding of what needs To be done and how we will be facing the Challenges to come Considering the interlinked nature of The world information systems and Infrastructure being in the midst of the Next Industrial Revolution Cyberspace has become in the core of Our Lives fully Global and common for us all So countering ransomware has become an Issue of national and Global Security

Together with other cyber security Initiatives Ukraine’s started systematic Implementation of many of the Initiatives discussed here in 2016 by Adopting the National Security strategy National cyber security strategy and by Building relevant capacities and Resilience So Our experience demonstrates that such Initiatives work This is what helped us combat extreme Attacks targeted on the government and On operators of critical infrastructure During this year We continue to build on our capacities And There’s really A great Um Opportunity and a great need for Enhanced collaboration at multiple Levels that we see amongst National Authorities with the operators of Critical infrastructure in the private Sector and with International Partners In order to prepare for the challenges To come over the next years and decades We must also make efforts to educate the Society the private and the public Sector Starting with our younger groups and the Growing Generations

Cyber hygiene and security must become An integral part of our education Systems and social media campaigns We see that CRI Has a great potential to become a Platform for a full scope of cyber Security cooperation by building Corresponding networks sorry Corresponding Frameworks The Diplomatic The legal and the technical There were some great ideas and there’s A lot of work done that already shows These Frameworks are available for us to Use and develop And there was a great Um Slogan security by Design I believe that In each of these domains We should have this as our long-term Vision and goal On a final note We all thank U.S for the leadership and I would like to join and say thank you For your leadership and thank you for You for your team thanks to your team For all the work done To have the CRI Second Summit But leadership starts with a vision And I would suggest that we all get Acquainted with the as National Security Strategy released in October this year Because it highlights the challenges we

Face For the years to come and more Importantly the values that I am sure we All share as the members of the Civilized society Closing the speech I would like to thank thank for the Level of high level of representation From the US which really highlights that Cyber security and cyberspace is one of The great and most important areas in Our lives for the next years to come Thank you everybody Thank you very much and I Echo the Remarks over these two days of all of The CRI members expressing support for Ukraine’s courage Innovation and Commitment during this very very Difficult time thank you very much Thank you United Arab Emirates Thank you thank you very much Madam Chair and thank you for everybody Actually participating here would like To express our gratitude to the United States for the opportunity to provide Feedback on the future plans for this International collaboration in the field Of cyber crime and more specifically in The ransomware It’s a key topic for the future Prosperity of the United Arab Emirates And its digital economy recently the UAE Expressed great amount of such cyber Attacks and in large percentage of those

Attacks were ransomware the UAE Identified this inherent cyber risk and Cyber attacks mostly As ransomware the UAE identified as well and expressed Many of those cyber attacks uses virtual Currencies as the platform of exchanging Those ransoms We in UAE expand the vision of UAE as Well as the cyber security strategy of UAE and its primary goal which is Developing and implementing a Comprehensive cyber security from Framework to create safe and strong Cyber security infrastructure across the UAE and the globe The UAE contributes to the robust cyber Security Regulatory and legal framework Which covers cyber crime securing Emerging and existing technology while Also implementing National incident Response plans to promote Swift and Coordinated response to cyber incidents Additionally we as as well served the Computer images first team helped to Improve practices of information sharing As well as information security and Protect I.T infrastructures in the new AE and the globe from cyber risk such as Ransomware The UAE is making concrete efforts to Collaborate and share information and Insights of such attacks and seeking to Improve as well its current relationship With various international government

Authorities the aim is not only to help Improve our own cyber security postures But to work shoulder to Shorter together And building stronger and cyber security Landscape for all other nations as well Uh specifically and based on those two Days of great discussions we emphasize On the following Points one government and all of us Governments recognize the importance and The need for Urgent actions and common Priorities and complement efforts to Reduce the risk of ransomware efforts Will include improving Network Resiliency to prevent incidents when Possible and respond effective when Incidents do occur We also committed to work together and With private sectors to promote Improvements to basic cyber hygiene and Post-network resiliency and mitigate the Risk of ransomware Nations as well should consider Appropriate steps to promote incident of Information Sharing between ransomware entities or Victims and relevant law enforcement and Cyber Emergency Response Team We’re taking as well actions to disrupt The ransomware businesses and for that It requires concrete efforts to address Illicit Finance risk as we saw in one of The great working group And this includes virtual assets and

Primary instrument criminals used for Ransom payments and subsequent money Laundering we must all act to degrade And hold accountable ransomware Criminals operators as well as cooperate Together with each other on International Partners in many of the Enhancement and the exchange of Information that we actually do Frequently In addition to disrupting those Ransomware ecosystem diplomatic efforts As well in one of the groups can promote Rules and base behavior and encourage All the state to take reasonable steps To address those operations as well as Within their territories UAE remains committed to working with The CRI members and promote Global law Enforcement and security organizations To build a systematic approach towards Capability building and awareness Programs that were countering ransomware We as well develop standard and best Practices that will help to consolidate Efforts and standardize responses to Ransomware attacks that will align with The capabilities building as well as Awareness programs which include one of The major things that we always and we All agree on information sharing Mechanism and that include one of the Frameworks such as the one proposed by Our partner India and Lithuania or the

Ones that we as well work together with Our partner and Syria to work on that One-Stop shop Looking forward for more and more Collaboration with you all and really Appreciate again being with you here and Thank you again very much for everything Thank you thank you very much to the UAE We’ll now turn to the United Kingdom With thank you as well for co-leading The countering illicit Finance working Group Thank you and um there are benefits and Disadvantages to coming relatively late In the alphabet Um lots of time to prepare your remarks But then everyone said what you’re going To say already Um so I’ll give you a pretty brief Um thank you to to the US for their Great leadership and for hosting the Summit it’s been hugely valuable to meet In person Um to keep up the momentum and plan our Work for the year ahead the UK has been Particularly honored to co-lead the Count illicit Finance work stream with Singapore and we look forward to Continuing that leadership role next Year and we’re particularly honored Firstly because ransomware is now a National security imperative for the UK That harms our government our business Our citizens every day on an increasing

Scale secondly we’re honored to lead the Work stream because as we’ve discussed Over these last two days following the Money and reducing the profitability and And the attractions of of ransomware as A crime to the criminals is fundamental To the success of our endeavors so we Look forward to continuing our work uh Next year it needs to be done on a Global basis to be effective so the CRI Campaigning valuable role and we look Forward to it going from strength to Strength thank you Thank you very much to the UK so for the Final comments to Ambassador Nick Firth The United States Thank you madam chair uh I’ve been in This role only only for six weeks and I Can say at this point with certainty That I have not sat in one place longer Than I have for this uh and it’s been Worth every minute of it uh trust is the Currency of the digital world and Gatherings like this one build trust They uh build shared context and Ultimately they build durable consensus And I’ve always loved the phrase durable Consensus uh durable being the key piece Because our consensus will be most Important when things are most Challenging and uh so thank you Ann for Your personal leadership and making this Happen uh and thanks to all of you for All the work that got us to this point

Uh now onward I I want to be Concrete in Three areas my colleagues and I are Committed to working with this group to Leverage diplomatic channels to Reinforce your initiatives whether to Deepen law enforcement cooperation and Information sharing or to deny criminals Their illicit proceeds Second we are committed to continuing to Work with you to develop and fund Innovative capacity building tools and Programs not just for those countries Represented in this room but also for Our Global Partners who struggle to Marshal the resources and expertise to Combat this threat I’m especially interested as we Discussed earlier in the first one or Two of those programs on the theory that Compounding is a powerful force in life Good gets better bad gets worse objects In motion tend to stay in motion Whatever analogy you want to use how we Get started we’ll have an outsized Effect on how we continue Third we pledge to continue to work with International Partners to further the Framework of responsible State behavior In cyberspace to deepen support for its Voluntary norms and where necessary to Call out and seek accountability for States that sponsor ransomware actors or Turn a blind eye to their activities We’ve heard repeatedly that our

Adversaries are not kids in hoodies They’re well trained they’re funded Professionally organized they’re Innovative and they evolve But so are we and that’s the most Important message for me from the last Two days and it’s what makes me proud to Be a part of this initiative This Summit we need to remember is not Just about those of us assembled here Today it’s about the hundreds of Departments and agencies and Ministries The thousands of civil servants and the Hundreds of millions of citizens who Stand behind us in support The technologists the law enforcement Officers policy makers diplomats nurses Doctors and teachers who refuse to Accept the National Security and Economic consequences of failure So on behalf of my colleagues I thank You all for your contributions for your Partnership for your Clarity of purpose And I look forward to all that we can Achieve in the coming year thank you Thank you very much so I’ll Briefly Summarize our comments we’re as Australia began we are in this together And as our Irish colleagues noted but We’re all powerful when we are together Ransomware is a borderless challenge and As such we take it on in a way that Truly crosses borders and Crosses Disciplines it’s both a criminal and a

National security issue and we discuss Specific outcomes across policy for Example sharing and coordinating Policies on Ransom payments and Insurance payments capacity building and We discuss specific models of those here With thank you to the countries that Offered them and finally standing up a Joint ransomware Task Force to Operationalize Across the three Disciplines that are core to our work Beginning in the first quarter of 2023 We highlighted the role of the private Sector and really welcome the private Sector into our discussions global Companies representing the global nature Of what they contribute invisibility and Mitigation and the fact sheet and our Joint statement has now been made public So on behalf of the working group Co-leads with thank you for the work They put in during this past year and Looking forward to the work coming thank You to all for attending I also Echo Your thanks to the team across the National Security Council the office of The national cyber director for pulling Together these two days of events and With that I am very pleased to introduce Jake Sullivan the U.S national security Advisor as you can see he immediately Joined us shoulder to shoulder that has Been the joke how closely we’ve been Sitting together for this for today

Specifically Jake’s leadership and understanding of The threat ransomware poses and cyber Poses to our national security and his Dedication to building International Partnerships to solve challenging Problems has really made the counter Ransomware initiative a success and we Are grateful Jake over to you Well thank you Anne for your leadership And Chris for yours and Nate but Especially to all of you for being here And for taking the time we’re trying out A new theory that the closer everyone Sits together the more you cooperate so We’ll you know next time we’ll even Remove the space between chairs and just Really shove everyone in tight also as a Public service announcement this Wristband will get you all you can drink At the Rave later tonight so just flash It in any bar in Washington and they’ll They’ll serve you Um Honestly I know you guys have have talked a lot Listened a lot Um worked through a lot and I want to Come on to some of the specifics that Are at the heart of the counter Ransomware initiative but I I actually Wanted to close this out by taking a Little bit of a step back and sharing The thinking of the Biden Administration

For why this initiative and this issue Is not just confined to cyberspace is Not just confined to a particular Challenge within cyberspace but really Is a Hallmark of our national security Approach as a whole We released our national security Strategy just a couple of weeks ago And it was a product that really Drew From consultations with a lot of Countries seated around this table and At its core with the National Security Strategy uh reflects and represents is That you cannot needly divide between Foreign policy and domestic policy any Longer in the approach to National Security that that’s just not the world That we live in anymore So we have built our national security Approach on the foundational integration Of foreign policy and domestic policy And that means elevating our focus on The issues that spill out of those two Silos whether it’s Supply chains or the Energy transition or tax policy Or especially cyber security From day one the Biden Administration Has really put cyber security at the top Of our list and and and Anne was um kind Enough to take the first ever role as Deputy National Security adviser for Cyber in uh a an NSC in a White House in History because we wanted to build and Integrate an entire a cyber component

Um at a very senior level at the heart Of the National Security Council and so Every this connects across everything That we do And we’ve tried to drive a range of Different uh lines of effort in the Cyber domain first focusing on cyber Security and safety here at home last Year President Biden signed an executive Order that requires new Baseline Standards for software sold to the U.S Government a lot of it that is also used And bought by countries around the world It’s an effort that we hope will raise The game for software not just for our Country but for all of your countries as Well and it was interesting when we came In and found that this simply was absent There was no standard upon which this Software was built now we came to office Of course just a couple of months after The solar winds hack was brought to Public attention and of course solar Winds was shot through every corner of The U.S government as well as many of Your governments and it was it was a Very bracing learning uh lesson for us To learn We’ve also worked across our government To create Landmark cyber security Standards in critical infrastructure Sectors from airports to Water Systems To pipelines to railroads and in fact it Was a ransomware incident last year the

Colonial pipeline attack that really Drove home the need for these standards And as many of you know working it in Your own systems there’s a lot of Gnashing of teeth and a lot of blood on The floor working with critical Infrastructure sectors to get these Standards not just written but actually Implemented in a full way and it Requires a genuine level of Public-private partnership that is Almost unique across the National Security Enterprise to protect our Countries from all manner of cyber Attacks including ransomware attacks and Our work is is by no means done but We’re going to go sector by sector to Ensure that we have standard cyber Security Uh practices for the critical Infrastructure owners in every uh domain Of critical infrastructure Second uh working with our partners we Focused on securing new technologies I Know that you all have talked about Digital assets uh addressing the way That illicit crypto crosses borders and Fuels uh cyber actors criminal cyber Actors We’re also in the final stages in Consultation with some of you around This table of creating a labeling Program for the internet of things and Particularly for iot devices so that

Consumers that bring home those devices Know that they’re bringing home a secure Device this is something that some of You have pioneered and we’re learning Lessons from that ourselves uh in trying To develop a similar almost like energy Star program for cyber security and the Internet of things and we want to make Sure that what we put in place is Compatible with those of you who’ve Already done it and those of you who Will follow suit Third of course and and the last two Days have been a good indication of this We’ve been focused on uh really Strengthening collaboration with our Partners to doing this in partnership With other countries because any one Country solving their cyber problem is Not really getting after the root of This problem which is a network problem That affects all of us so we’ve been Trying to build diverse and flexible Coalitions that tackle a transnational Threat like cyber and that too is a Hallmark of President Biden’s foreign Policy across the board Um we’ve shared information regarding Cyber threats to protect critical Infrastructure across the entire globe On every continent with dozens of Countries we’ve worked with countries to Implement the Norms of the UN endorsed Framework for responsible behaviors in

Cyberspace we’ve created the virtual Cyber incident support capability with Our NATO allies to more effectively lend Cyber resources and support moments of Need we’re driving the development of New Cyber tools with our quad partners And as sort of the flagship in Collaboration we were very proud to help Along with the rest of you launch this Counter ransomware initiative last year And to see how far it’s come in one year And to see the path ahead and how Promising it looks As everybody here knows and as you all Have Um reinforced in your comments over the Last couple of days ransomware is a Global challenge that requires Global Cooperation Um to produce Global Solutions And Um that’s why in fact this Coalition is The uh largest in the world in terms of A cyber security Coalition and the most Comprehensive bringing together Countries and companies from all regions Of the globe To deter and disrupt these uh ransomware Attacks I want to particularly thank Australia Singapore the United Kingdom India Lithuania Spain Germany the CRI Working group leads uh who have made Sure that this collaboration is broadly Shared brings diverse perspectives and

Really creates a platform upon which the Collaboration of all of us going forward Can be built Having already had two exercises With respect to building our resilience So CRI members across the world can Bolster their ability to coordinate During a potential Cyber attack You’ve also strengthened our defense Developing ways to disrupt ransomware Actors uh and countering their illicit Financing particularly in the Cryptocurrency ecosystem and Collectively you’ve deepened our Collaboration creating a new platform to Facilitate information sharing and build Enduring Partnerships with the private Sector And as Anne has just described over the Last two days you’ve done more Whether it is about combating the Ability of ransomware actors to use Virtual assets including through an Investigator’s toolkit delivering Justice to ransomware actors and their Enablers by standing up a Joint Task Force in the first quarter of next year Is a due out from this meeting ensuring Our national cyber infrastructure is not Being used in ransomware attacks by Sharing information regarding malware And techniques so that we can all Collectively defend better And of course strengthening our

Diplomatic cooperation to deny Safe Haven to ransomware actors and I want to Especially thank Nigeria’s agreement to Co-lead this stream of work with our German colleagues for the coming year I was also pleased to see over the Course of the last couple of hours that You’ve integrated for the first time the Private sector uh and private companies From across the world into these CRI Conversations because as we all know Um Sometimes to our benefits sometimes to Our detriment hopefully more and more to Our benefit private firms and companies Often have the key information before we Have it as governments so we need to Work together and then finally you all Know even better than I do Um And it’s not obviously limited to Ransomware or to cyber but it is I think Especially acute in this area We have to continue to work overtime to Break barriers within each of our own Governments bringing together policy Intelligence Finance legal law Enforcement and every other conceivable Kind of tool to combat ransomware So let me just close by saying that over The last few days we’ve seen how this International integrated Uh Innovative approach can really Drive Results and

Um I really just want to express the Gratitude of President Biden my personal Gratitude our entire team here at the White House between the National Security Council the office of the National cyber director our colleagues At the state department and other Agencies we have a long way to go but We’ve already come a long way and the Momentum we’ve built Um you know to pick up where Nate left Off objects in motion can stay in motion If we keep pushing them forward and That’s what I think collectively we Should all do so thank you for giving me The opportunity to address you today but More importantly Um thank you for bringing a spirit of Collaboration and deep substance Expertise and wisdom to our Collective Effort and I think let’s just keep Making the kind of progress we’ve made Over the course of the past year and we Will really get after this problem thank You

My Patriot Supply