The EU wants to cooperate with the US in the fight against ransomware. Both sides emphasized this at a meeting between the European Commission and US Homeland Security Secretary Alejandro Mayorkas in Lisbon on 22 June.
After the EU-US Justice and Home Affairs Ministerial meeting, the US Secretary of Homeland Security,Alejandro Mayorkas, announced the creation of a “new ransomware working group to address the scourge of ransomware that has hurt the US so much and so many other countries.”
Ylva Johansson, the EU’s Home Affairs Commissioner, stated that the pandemic had accelerated the frequency of ransomware attacks and that more cooperation with the US would be a step in the right direction.
In recent weeks, there have indeed been several spectacular ransomware attacks in which criminals have extorted millions. Prominent recent cases are the attacks against the company that operates the Colonial pipeline in the US or against Ireland’s healthcare system that has crippled the countries health services over weeks. Other cases, such as the attack on the European Medical Authority, have also caused a stir recently. As a reminder, ransomware is a form of malware that hijacks data. The attacker encrypts the victims’ data and demands a ransom for the private key.
The joint EU-US statement that was released after the meeting announced that “both sides agreed on the importance of combating ransomware together, including through law enforcement action, raising public awareness, […] and to encourage those states that turn a blind eye to this crime to arrest and extradite or effectively prosecute criminals on their territory.” This can be seen as a signal send towards Russia as most of the ransomware attacks in recent months have been launched by criminal groups based in the country.
On Wednesday (23 June), in response to the increase in ransomware attacks, the Commission also announced the creation of a dedicated unit to combat cyberattacks. With rapid response teams, this new “Joint Cyber Unit” will help national authorities and EU institutions defend against ongoing attacks. The unit will also provide a platform for law enforcement agencies, diplomats, government cybersecurity agencies and citizens to share information in the event of ongoing attacks.
The EU already has a cybersecurity agency named ENISA, but it is primarily involved in training, advising and certification. There is also an EU Computer Emergency Response Team (CERT-EU), which gathers information on cyberattacks and coordinates with national authorities. The new cyber unit is expected to be closely integrated with existing agencies and complement their work.
The new joint cyber unit is scheduled to become operational by the end of June 2022, by which time its work is to be prepared in close coordination with EU Member States. Its funding will come mainly from the Commission’s Digital Europe program, but other resources could also be drawn from the European Defense Fund, according to the Commission.