24 C
Yaoundé
Monday, 28 November 2022 05:07
Acceuil AFRICAN COUNTRIES Ten initiatives to fight cybercrime and the Paris Call for Trust and...

Ten initiatives to fight cybercrime and the Paris Call for Trust and Security in Cyberspace

[DIGITAL Business Africa] – Over the past decade, ransomware has emerged as a prominent component of the global cyber threat landscape. This type of attack aimed at taking control of a target system, in order to block, encrypt, steal and potentially delete its data, is used mainly for immediate extortion purposes, requiring victims to pay a sum in exchange for the return of assets availability and confidentiality.

While ransomware appeared at the end of 1980’s, and are therefore not a new threat as such, their current incidence – estimated at 12% of data breaches in 2022 (IBM, 2022)- as well as their direct and indirect cost –1.4 million $ per organization in 2021 (Sophos, 2022) are unprecedented. Another striking trend lies in the profile of the affected organizations, which are increasingly public institutions and critical infrastructure operators. Since the start of the Covid-19 pandemic, the health sector has become a prime target for threat actors, with 384 ransomware incidents recorded across 38 countries (CyberPeace Institute, 2022).

As a global phenomenon, the ransomware threat spares no industry or region across
the globe the world. It relies on a complex ecosystem – ranging from transnational
organized crime to state-backed actors (Trellix, 2022).

As with most challenges in cyberspace, which remains privately owned or operated for large parts, a global governance framework gathering all actors involved in the detection, prevention, reaction and repression of these should be sought. Ransomware attacks differ from other cyber malicious acts, however, as they are specifically based on blackmail, placing the victim in an even more active role when addressing these acts.

In many cases, targeted private organizations don’t know how to proceed when facing the disruption of their services and the risk of data loss or disclosure. The opportunity to pay the ransom requested, for instance, is still widely debated among stakeholders
notwithstanding the cautions expressed by public authorities – as more than half of
victims pay the ransoms according to recent surveys (Kaspersky, 2021).

The dynamics of the phenomenon thus reinforce the need to achieve effective cooperation and common understanding between private and public actors. Public-Private Partnerships (PPPs), whose value has long been widely recognized in the cybersecurity field, have naturally been proposed as a key component of the response to ransomware.

PPP is usually defined as an “agreement/ cooperation/ collaboration between two or more public and private sectors and has developed through history in many
areas” (ENISA, 2018). While most actors agree on the usefulness of such a broadly
defined action pattern, discrepancies remain between public authorities and the
stakeholder community on what is concretely expected of each party.

Starting from this premise, the Paris Call for Trust and Security in Cyberspace has
launched a workstream aimed at informing the intergovernmental work of the Working
Group n°3 of the Counter Ransomware Initiative by providing a global, multistakeholder lens. This workstream brought together representatives from the public sector, industry and civil society for a round of discussions initiated in mid-2022, where participants agreed on the drafting of the present compendium of existing global initiatives aimed at fighting ransomware threats through PPP cooperative models.

The restitution of the current “state of play” was considered a necessary prerequisite to
further discussions between communities toward the identification of replicable good
practices for each stage of action.

Participants identified a substantial number of initiatives with a global or regional scope
that rely on PPP cooperative models – suggesting broad adhesion to the idea that PPPs
in the fight against ransomware are not only useful in the domestic context but also at
the supranational level.

The existence of regional initiatives alongside initiatives with a worldwide scope suggests that the ransomware threat while being a global phenomenon is in part underpinned by local dynamics that deserve to be addressed more specifically.

A classification of these initiatives has been attempted on the basis of the nature of the goal pursued – which generally correlates with the mandate of the public organization(s)
involved in the PPP. Since ransomware is primarily associated with cybercrime, the
majority of existing initiatives are aimed at facilitating investigations as part of the law
enforcement activities (e.g. INTERPOL’s Gateway Project, World Economic Forum’s
Partnership against cybercrime).

A substantial number of initiatives also aim to provide policy and strategy recommendations for stakeholders, based on prior identification of the gaps at this level as well as threat analysis (e.g. Ransomware Task Force, ENISA Working Group on Cyber Threat Landscape). Finally, a smaller number of initiatives focus on awareness raising and user empowerment by proposing guidance and tools in the event of a ransomware attack, which in turn facilitates investigations (e.g. No More Ransom Project).

The reconstitution of this landscape provides a baseline for building on what already
exists, with a view to identifying potential synergies and redundancies between initiatives,
as well as gaps that are not currently addressed. In line with the feedback often
expressed for cybersecurity PPPs at the domestic level, it appears for instance that the
asymmetry in information sharing between partners of a different nature is still an
the obstacle to the full effectiveness of supranational initiatives.

Continuing this work would provide an accurate picture of stakeholders’ needs, which could be addressed by drawing on good practices identified over the long term.
The participants of the workstream hope that this effort will effectively support the
work of the Counter-ransomware initiative toward a global, comprehensive action
against these ransomware threats.

They will provide Working Group n°3 with their full report before the annual meeting of the Counter Ransomware Initiative and will offer participating States to exchange on the first outcomes of their work during a high-level roundtable in the framework of the 5th edition of the Paris Peace Forum, on November 11-12.

Source: Read the report and the top ten initiatives against cybercrime in the Paris Call Compendium of transnational PPP against ransomware 

Beaugas Orain DJOYUM
Beaugas Orain DJOYUM est un passionné des TIC, des Télécoms et du Numérique. Il est le Directeur de publication de Digital Business Africa, la plateforme web d'informations stratégiques sur les TIC, les Télécoms et le Numérique en Afrique. Journaliste diplômé de l'ESSTIC et consultant en e-Réputation, il dirige le cabinet ICT Media STRATEGIES. Un cabinet spécialisé en veille stratégique dans le secteur des TIC, des Télécoms et du Numérique, en e-Réputation, en communication digitale, en édition web & magazine et en production des contenus médiatiques spécialisés. Pour le contacter : [email protected]. Téléphone fixe : +237 243 25 64 36. Téléphone mobile : +237 674 61 01 68
[tdc_woo_shortcodes]JTVCY3VzdG9tLXR3aXR0ZXItZmVlZHMlNUQ=[/tdc_woo_shortcodes]

LEAVE A REPLY

Please enter your comment!
Please enter your name here

SUIVEZ NOUS SUR VOS RÉSEAUX SOCIAUX

32,776FansLike
8,427FollowersFollow
449SubscribersSubscribe

TELECHARGEZ NOTRE VERSION MAG

Recevez gratuitement notre newsletter quotidienne

Votre adresse e-mail est en sécurité

NOS NEWS SUR TELEGRAM

NOS NEWS SUR WHATSAPP

SUIVEZ NOUS SUR TWITTER

TigoTigo Mag est en ligne! https://www.tigotigo.com/index.php/fr/ Merci à @AlthausMH @IngridNappi @Afrimag_ #afrique #digitalbusinessafrica

TIC / Télécoms : Au sommet de l’UA à Niamey, Mohamed Bazoum présente ses solutions pour réussir l’industrialisation de l’Afrique https://digt.al/3XCPtwA #DigitalBusinessAfrica

Mohamed Bazoum : « Le système nerveux de notre continent doit être basé sur les télécommunications et les TIC » https://digt.al/3GKPCrR #DigitalBusinessAfrica

Voir plus...

Ten initiatives to fight cybercrime and the Paris Call for Trust and Security in Cyberspace

– Over the past decade, ransomware has emerged as a prominent component of the global cyber threat landscape. This type of attack aimed...

Elysee Nkundimana: “This is a digital contactless business card that uses NFC technology”

– A digitalized business card. Accessible by NFC technology or QR code. With the option to save it in your contacts in two...

At MWC Africa, Paula Ingabire presents the five main pillars of Rwanda’s new broadband policy.

- The Rwandan Minister of ICT and Innovation, Paula Ingabire, presented to the African ministers in charge of ICT the main pillars of...

Here are the 13 African countries elected to the ITU Council, none from the CEMAC zone!

- Member States of the International Telecommunication Union (ITU) today (03 October 2022) voted on the composition of the next ITU Council and...

Alexander NTOKO: “I have what it takes to lead the Bureau responsible for implementing ITU’s development mandate”

– The International Telecommunication Union (ITU) Plenipotentiary Conference 2022 (PP-22) will take place at the Palace of Parliament of Bucharest, the Romanian capital, from...

Smart Click Africa launches the CamerExcellence concept to celebrate Cameroonian talents who excel internationally

- On the occasion of AFCON 2021, the association Smart Click Africa, in collaboration with the firm ICT Media STRATEGIES, specialized in e-Reputation and...