Deputy Secretary Verma’s Remarks at the Third International Counter Ransomware Summit

Good morning, everyone. On behalf of President Biden, Secretary Blinken, and our entire team, welcome to the State Department. 

It’s a privilege to host this third summit of the Counter Ransomware Initiative – now 50 members strong, drawn from every continent and region of the globe.

The growth in numbers, impact, and reach of this effort is a testament to a truth we all recognize about ransomware: what was a worrying phenomenon five years ago has evolved into a broader and more urgent and more severe matter for our citizens and societies today.

That’s the reason the President brought in a dedicated and effective leader like Anne Neuberger to serve as Deputy National Security Advisor for cyber and emerging technology.

That’s the reason we tapped Ambassador Nate Fick to stand up our Cyberspace and Digital Policy Bureau. 

That office is still relatively new, but its existence is a clear sign of how serious cybersecurity is to America’s global leadership.

The creation of that bureau was just one critical step in a larger effort. 

Before that, CRI was born…a product of our determination to forge an international coalition devoted to confronting the dangers of ransomware.

Even before that, in the first months of his term, President Biden issued an Executive Order drilling down into actionable ways to secure cyberspace and combat ransomware. 

And two years ago, he declared that we would bring “the full strength of the federal government to disrupt malicious cyber activity and actors, bolster resilience at home…and leverage international cooperation to disrupt ransomware ecosystems and address safe harbors for ransomware criminals.”

The point is: this is a priority for our Administration, just as it is for all of you. 

Yet that’s not simply because ransomware attacks have, by some estimates, jumped 37 percent this year. Nor is it solely because these assaults have cost billions of dollars worldwide. 

This actually speaks to something more basic – to the most foundational duties of government: keeping our people safe and our economy growing. 

Without these fundamentals, nothing else matters. It’s a threshold we have to clear to build the trust of those we represent and enable lasting progress on everything from education and climate to health and migration and more.

And when so much of life happens online – how we learn, how we shop, how we communicate, how we socialize, how we bank, how we access and process data, how we do our jobs – then meeting those core government responsibilities must happen online too.

The fact is, ransomware’s ability to block access to computer systems, networks, files, and emails is more than an isolated financial risk. It affects every aspect of our lives.

Ransomware that targets critical infrastructure – our hospitals, roads, railways, broadband, water systems, power grids, and educational institutions – is a direct threat to every community’s capacity to function.

Ransomware and cybercrime also severely damage confidence in the digital economy, in a space where small businesses increasingly sell their goods. And we need to reinvigorate that confidence for investors and entrepreneurs and customers and all of us.

Here is the bottom line: how we secure the digital sphere from ransomware and other intrusions must be at the top of the to-do list for governments across the planet.

What’s more, cyber and ransomware fit under the category of what CIA Director Bill Burns calls “problems without passports” – borderless challenges that affect all of us and care little for national boundaries or oceans. 

That means the answers can’t be limited by borders either. 

This demands the cooperation and coordination embodied by CRI and international forums like it. 

This requires initiatives that enable faster and deeper information sharing…that increase our common understanding of our shared vulnerabilities related to ransomware.

This calls for partnerships of purpose that amount to more than an annual summit, but a collection of countries committed to tangible action. To meaningful action. To action that reflects the evolving nature of ransomware…that meets the magnitude of this threat and equips us, in the public and private sectors, to defeat it.

Indeed, we need swift, sustained, multilateral action that sees us unite to set standards and rules of the road around ransomware… disseminate and exchange threat information quickly and effectively…and develop stronger deterrence and response options when cyberattacks do occur. 

That kind of steady action is the heart of what CRI is about. Indeed, through this initiative, we’ve seen how cyber diplomacy has emerged at the center of our broader diplomacy – and how that must and will continue in the future.

Over the past year, as new partners joined our ranks from Africa, the Middle East, Asia, the Americas, and Europe, we’ve seen concrete steps to bolster our collaboration in the fight against ransomware.

There was the first-ever CRI capacity-building workshop at the Marshall Center in Germany.

There was the work of the International Counter Ransomware Task Force – the ICRTF – to develop new information sharing platforms and strengthen law enforcement and operational cooperation.

There was Israel and UAE’s Crystal Ball project…Italy’s Cybersecurity Authorities Network…India’s Trident Resilience Platform…and Lithuania’s Malware Information Sharing Project – all designed specifically for CRI members. 

There was the research conducted by the U.K. on victim behavior…by the Netherlands on virtual asset seizures…by France on cyber insurance…by Singapore on cyber incident reporting.

There was our collective focus on promoting and reinforcing international law and norms of responsible state behavior in cyberspace…and the close work with law enforcement to call out nations that ignore or fail to respond to criminal acts within their borders.

That includes the DPRK’s use of ransomware globally to underwrite its WMD and missile programs…and the ways Russia and others selectively turn a blind eye to criminal organizations operating with near-impunity in their jurisdictions.

There was also the critical role played by the private sector in combating ransomware. 

Enterprises, large and small, are on the frontlines of how these cyberattacks change the cost of doing business and reorient their risk calculations, and they’re helping us find innovative courses to improve our defensive capabilities and enhance our resilience.

That, and more, cover the scope of the agenda to date. But the threat of ransomware continues to persist and evolve. So must our strategies and responses.

Between now and the next CRI summit, we will keep recruiting countries to join this cause, learning what they need, what they’re seeing, and how we can counter this threat hand-in-hand. 

We will explore how partnerships with the cyber insurance industry can help us counter ransomware. 

We will consider how we can fortify our cybersecurity posture against assaults, establish cyber standards and best practices, and deal with how AI and emerging tech are changing the landscape in rapid and unpredictable fashions. 

Meanwhile, the ICRTF will build out its projects on information sharing, on open-source threat intelligence, on virtual coordination, and on transnational operations.

With all this and an ever-growing list staring us in the face, it’s clear that there’s a ton on our plates – and still so much more to get done. 

But as we look ahead, as we forge this path forward, as we find ways to keep our people safe and our economies inclusive and secure…it’s vital to always remember and reaffirm the underlying principles fueling our actions and informing our vision.

Here’s what that means for us, in the United States:

We believe in cyberspace as a platform for shared prosperity around the world – a forum for education, entrepreneurship, political discourse, and responsive leadership.

We believe in an affirmative outlook for the digital sphere: a place defined by safety, transparency, freedom, innovation, and accountability. 

We believe in what cyberspace can be at its best and what technology can do for the betterment of our climate, our health, our workers, our businesses, our planet. And because we believe in its possibilities, we know that we have to work with each of you to defend it.

We have to counter ransomware and secure this space against cybercrime meant solely to disrupt, to destroy, and to divide.

We have to protect our critical infrastructure from intrusions, so our communities can function and thrive. 

We have to invest in our cyber defenses against nefarious actors bent on tearing them down and, in the process, tearing our societies and economies down too.

We have to safeguard the promise and power of cyberspace as a venue for progress – and we have to do it together. 

I look forward to building on the leadership and success of the Counter Ransomware Initiative and with all of you. 

Thank you for being here.