Targeting state-sponsored cybercrime emanating from China, Russia and Iran, Foreign Ministers of the Quad grouping have come out with a joint “statement on ransomware” — a first of its kind — announcing that they have decided to act against malicious cyber activity against critical infrastructure.
The joint statement was issued after External Affairs Minister S Jaishankar met counterparts Antony Blinken of the US, Penny Wong of Australia and Hayashi Yoshimasa of Japan on the sidelines of the UN General Assembly session in New York Friday.
“The transnational nature of ransomware can adversely affect our national security, finance sector and business enterprise, critical infrastructure, and the protection of personal data. We appreciate the progress made by the 36 countries supporting the US-led Counter Ransomware Initiative and the regular, practical-oriented consultations against cybercrime in the Indo-Pacific region,” the joint statement said.
They pledged to assist each other in ensuring the security and resilience of regional cyber infrastructure.
“We exercise responsibility to assist each other in the face of malicious cyber activity, including from ransomware, against critical infrastructure,” the statement said, calling this a call to action.
The Quad statement is aimed at malicious cyber activities emanating mainly from actors in China, Russia, Iran and North Korea, sources said.
“The Ministers signal our collective will to fight ransomware threats to the cyberinfrastructure that enables Indo-Pacific economic development and security. We commit to further cooperate on capacity building programmes and initiatives that are aimed at enhancing regional cybersecurity and improving resilience against ransomware attacks in the Indo-Pacific,” the statement said.
According to the statement, Quad countries commit to further cooperation on capacity-building programmes and initiatives that are aimed at enhancing regional cybersecurity and improving resilience against ransomware attacks in the Indo-Pacific.
With rapid adoption of fintech, India faces challenges from malicious cyber activities — Chinese loan apps being the most recent. The Quad, which started with cooperation on maritime security, has widened its sphere of activity — from vaccines to cyber security. The joint statement is testimony to convergence of interests in newer and critical areas.
The ministers highlighted that practical cooperation in countering ransomware among Indo-Pacific partners would result in denying safe haven to ransomware actors in the region.
“We focus on results-oriented efforts to assist partners across the Indo-Pacific to strengthen their resilience, trust, and confidence in cyberspace, and effective incident-response capabilities,” the statement said.
It said Quad countries are committed to an “open, secure, stable, accessible, and peaceful cyberspace” and support regional initiatives to enhance the capacity of countries to implement the UN Framework for Responsible State Behaviour in Cyberspace.
“We strongly believe that focused initiatives for enhancing the cyber capabilities of Indo-Pacific countries would ensure the security and resilience of regional cyberinfrastructure,” it said.
Newsletter | Click to get the day’s best explainers in your inbox
Recalling the last Quad Foreign Ministers’ meeting on February 11 this year, the ministers said they are committed to addressing the global threat of ransomware, which has been an obstacle to Indo-Pacific economic development and security.
Underlining the importance of the multi-stakeholder approach for counter-ransomware capacity building, which includes promoting the role of existing mechanisms such as the Global Forum on Cyber Expertise, the statement said the ministers recognise that the multi-stakeholder approach to internet governance will uphold shared values in the design and use of technologies and cyberspace across the region.
“We welcome the negotiations of a possible new UN cybercrime convention as a long-term means to address cybercrime more broadly which will have utility in countering ransomware. We underscore the need for a new treaty to be drafted in a technologically neutral and flexible manner, which does not describe specific technologies or criminal methodologies,” the statement said.