United States Mission to the United Nations
Press and Public Relations Bureau
For immediate release
November 8, 2024
Joint Statement on Ransomware Attacks on Healthcare Facilities
(The following was announced by Ann Neuberger, U.S. National Security Advisor, on behalf of Albania, Argentina, Australia, Austria, Bahrain, Belgium, Bulgaria, Canada, Colombia, Croatia, Costa Rica, Cyprus, and Czech Republic. This is a joint statement: Denmark, Dominican Republic, Ecuador, Estonia, European Union, Finland, France, Germany, Greece, Hungary, Ireland, Israel, Italy, Japan, Jordan, Latvia, Lithuania, Luxembourg, Malta, Morocco, the Netherlands, and Norway. , Philippines, Poland, Portugal, South Korea, Republic of Moldova, Romania, Sierra Leone, Singapore, Slovakia, Slovenia, Spain, Sweden, Switzerland, Ukraine, Uruguay, United Kingdom, United States, Vanuatu, Vietnam).
Albania, Argentina, Australia, Austria, Bahrain, Belgium, Bulgaria, Canada, Colombia, Croatia, Costa Rica, Cyprus, Czech Republic, Denmark, Dominican Republic, Ecuador, Estonia, European Union, Finland, France, Germany, Greece, Hungary, Ireland , Israel, Italy, Japan, Jordan, Latvia, Lithuania, Luxembourg, Malta, Morocco, Netherlands, Norway, Philippines, Poland, Portugal, South Korea, Republic of Moldova, Romania, Sierra Leone, Singapore, Slovakia, Slovenia, Spain, Sweden, Switzerland, Ukraine, Uruguay, the United Kingdom, Vanuatu, Vietnam, and the United States are deeply concerned about the frequency, scale, and severity of ransomware attacks on critical infrastructure, particularly hospitals and other health care facilities.
These attacks pose a direct threat to public safety, can delay critical health services, endanger lives, cause significant economic damage, and pose a threat to international peace and security.
When hospitals and healthcare providers are targeted by ransomware attacks, the attacks can cause ambulances to be diverted, life-saving surgeries to be canceled, critical medical emergencies to be delayed, and blood donations to be canceled.
We must call on all Member States to strengthen cybersecurity and the resilience of critical infrastructure and work together to confront and stop the threat of ransomware.
The General Assembly has repeatedly and unanimously approved the United Nations Framework on the Responsible Conduct of States in Cyberspace, which ensures that international law applies to cyberspace and that States comply with voluntary norms of peacetime behavior. It is clear what is expected of you.
In accordance with relevant norms, states should not knowingly allow their territory to be used for internationally unlawful acts using information and communication technologies (ICT). This may include actions by ransomware attackers operating within your own jurisdiction.
States should also respond to appropriate requests to mitigate malicious cyber activity targeting other countries' critical infrastructure emanating from their territory.
If a state acts contrary to the framework and knowingly allows ransomware attackers to operate with impunity from its territory, responsible states will condemn such irresponsible and destabilizing behavior. and irresponsible attackers must be held accountable.
The growing threat of ransomware is harmful to all of us.
We will work with the international community to uphold the international framework for the responsible conduct of states in cyberspace, track ransomware attackers, target the malicious software they use and their spread, and commit to ransomware. We will continue our efforts to comprehensively address the warehousing threat and counter the illicit finance that supports them. operations, securing critical infrastructure, providing technical assistance, and coordinating between countries as needed.
We are deeply committed to fighting cybercrime and building the capacity of United Nations Member States to join this fight, including through the 68-nation Global Anti-Ransomware Initiative. thank you.
###
