Government Strategies Against Cybercrime: A Deep Dive

Forget Trump 2.0 — ransomware has been the No. 1 key driver of news headlines lately, making us all too familiar with the many instances in which cybercriminals have succeeded in taking our money, personal information, and other sensitive data. Medibank and Singtel in Asia Pacific and MGM and Caesar's Palace further abroad are just a few.

We've also heard enough about the need to take serious action, but what does it really take to mitigate and rectify the impacts of such attacks? Reputation, productivity, and insurance costs are just some of the many consequences of being affected by ransomware—all of which can lead to data loss and, ultimately, a loss of trust from stakeholders. For example, EKANS ransomware is a sophisticated malware designed to attack operational technologies like propulsion and environmental control systems. 

From a government enforcement standpoint, a ransomware game plan comes down to the winning combination of implementing the right laws and regulations to prevent attacks and international collaboration efforts.  

Governments and law enforcement agency strategies 

Tackling the problem of ransomware is an inherently international function that needs to be approached with two main things in mind: 

• Improving Resilience: How can we make our society and digital ecosystem more resilient to ransomware attacks? How can we make it harder for cybercriminals to strike but also minimise the impact in the unfortunate event they do? 
• Imposing Ramifications: How do we collectively organise ourselves to impose costs on the perpetrators, such as increased sanctions or jail time?  
   

Some of the agencies, organisations and initiatives that are currently in place to combat ransomware threats at both national and international levels include: 

Cyber Security Acts in Singapore, Malaysia and Australia: Implementing Cyber Security Acts across Asia Pacific markets such as Singapore, Malaysia and Australia has been a long time coming (2018, 2024 and 2024 respectively) but sets the foundation for enhancing the resilience of country infrastructure. Each Act/Legislation Package comes with set recommendations when attacked e.g. in Malaysia: 

• Say no to cyber criminals to avoid incentivising the attackers and encouraging them to pursue future attacks.  
• Seek assistance from the authorities whenever possible  
• Call the hotline for the Cyber999 service and file a report online 
• Call on international partners to assist, if needed 

Government Computer Emergency Response Team Hong Kong (GovCERT.HK): Established in 2015, GovCERT.HK is the official computer emergency response team for the Hong Kong government, coordinating information and cyber security incidents. To do so, it follows four-point guidelines: Policy and Assessment; Protection of Systems; Monitoring Systems and Detecting Malicious Activities and Running General Preventative Measures. In India, there is a similar taskforce in place: The Indian Computer Emergency Response Team (CERT-In or ICERT) 
 

International collaboration critical in the fight against ransomware 

The strategies employed by the previously mentioned government agencies and organisations are not unique to any country or region in the world, and rightly so, as ransomware is a profoundly international business. These attackers are opportunists and are driven by where the money is; their motive knows no boundaries. The response, therefore must be an international and collaborative effort, which we're
 already see it playing out: 

• Counter Ransomware Initiative (CRI): Though a US-led initiative, its 50+ member states and organisations have picked up the torch to help "build cross-border resilience and collectively disrupt and defend against malicious cyber actors through concerted international cooperation". The CRI is structured into three pillars, one of which is on Policy and is led by the UK and Singapore. Australia is also a founding member of the CRI. 
   
• Centre for Cybersecurity: Established by the World Economic Forum in 2018, this is a coalition of public and private organisations working to build a safe and secure global cyberspace. The Centre of Cybersecurity has since launched its Partnership against Cybercrime community, and its first initiative being the Cybercrime Atlas: An open-resource platform that gathers and collates information about the cybercriminal ecosystem and major threat actors operating today.  
   

Collaboration between the private and public sectors is key. The United Nations' report on Public-Private Partnerships on Cybercrime outlines regional perspectives on best practices, challenges and opportunities globally. One of these, unsurprisingly, is fostering connections that "leverage the expertise and resources of each actor and meaningfully engage governments, industry, civil society, academia, technical experts, and other relevant stakeholders." 

In the event of a ransomware attack, production data isn't the only victim, and the losses won't only be financial. The Veeam 2024 Data Protection Trends Report revealed that 75% of organisations get hit by cyberattacks, and most report getting hit more than once. Partnerships between private and public entities are powerful in addressing the plague of ransomware activity, and that must not be forgotten when dealing with such incidents and their aftermath. 

This content came from Veeam's Ransomware Talk Show.