Everything you need to know about 4:05 ransomware attacks
Editor's Note:
Matthew F. Ferraro is a former intelligence agent, a lawyer at WilmerHale, a term member of the Council on Foreign Relations, and a visiting fellow at the National Security Institute at George Mason University.
The opinions expressed in this comment are yours.
Read more opinion articles on CNNEE here.
(CNN) -
The September 11 attacks demonstrated, with shocking clarity, the enormous power individuals have to wreak havoc in an open society. Since that terrible day, the spread of technology and our solidified interconnectedness have increasingly placed the capacity for disruption and harm in the hands not just of states, but of people around the world. This trend has been called the democratization of violence, and it describes literal kinetic violence (think bioweapons made in a kitchen and miniature drones in a garage) and less physical, but devastating, cyberattacks.
These threats will continue to grow in the months and years to come because cyberattacks of all kinds are relatively cheap and can be launched on a large scale. Now, US industry and government must work more closely to bolster the defenses necessary to thwart these attacks.
The
ransomware
is the latest example of the trend of "democratization of violence". In a
ransomware
attack
, a bad actor gains access to the victim's computer system, uses
malware
to encrypt the data on the system, and only decrypts it if the victim pays a ransom, usually in Bitcoin, because it is difficult to trace. Anyone with an internet connection, from nation states to criminals and terrorists, with minimal skills and malicious intent can now launch these attacks thanks to the advent of "
ransomware
as a service." In this business model,
ransomware
developers
rent
malware
prefabricated to anyone who pays, and the developer receives a portion of the ransom payments.
Ransomware
extortions
have become a self-sustaining crime ecosystem.
It is a thriving business because most victims are willing to pay relatively modest ransoms, which then finance further attacks.
Paying a ransom can incentivize bad behavior, but a victimized company usually (and understandably) just wants to get their data back as quickly as possible.
Ransomware gang that attacked JBS Foods disappears from the internet
US offers millionaire reward to catch hackers 0:50
Cyberattacks and their effects on the US economy
Hackers often go after money, but attacks can also destabilize the US economy, whether intentionally or not. For example, in May 2021, a hacking group called DarkSide launched a
ransomware
attack on
the Colonial Pipeline, one of the largest fuel pipelines in the United States, forcing it to shut down its fuel distribution operations in several states. Consider what kind of physical assault would have been required 20 years ago, in a pre-cyber era, to unleash a wave of gas shortages in the eastern part of the country.
The scale and impact of these attacks have exploded in recent years.
By one estimate,
ransomware
will cost the global economy approximately $ 20 billion in 2021, a 57-fold increase from 2015. Everyone is vulnerable.
In short, America's cybersecurity system is flashing red.
President Joe Biden signed an executive order in May that requires
software
sold to the government to meet basic security standards, requires federal contractors to promptly report cyber incidents, and creates a government entity similar to the National Transportation Safety Board. to review the main infractions.
The White House is also calling on the private sector to do more to address cybersecurity, what President Biden called a "core national security challenge" during a recent meeting with tech titans.
The administration subsequently announced a series of government and private sector initiatives, including a collaboration to develop a new framework to improve technology supply chain security, increased efforts to train a diverse cybersecurity workforce, and the expansion of a Cybersecurity Initiative for Industrial Control Systems, from public services to natural gas pipelines, among others.
Have you been affected by a 'ransomware' attack?
This is what you should do
Who are cyber hackers?
2:07
These are all welcome moves, but there is much more that government and industry can do:
First, the Government must act where companies cannot and take every action in its power to disrupt the
ransomware
activities of
foreign states and their criminal gangs.
That means exerting diplomatic pressure, linking progress in disconnecting
ransomware
groups
with easing sanctions on the countries where the groups reside, indicting bad actors abroad, extraditing and prosecuting them, and (potentially) taking cyber action. offensive against
ransomware
groups
.
Second, the Biden administration should incentivize companies to prepare for
ransomware by
setting specific guidelines on what companies should do to prepare for and respond to
ransomware
attacks
.
At this moment, the Government speaks from both sides of the mouth.
His official position is that companies should not pay ransoms, but he recognizes that often the best thing for the company (and the public) is to pay.
The FBI urges victims to coordinate with law enforcement on
ransomware
incidents
and to share whether the ransom has been paid and through which bitcoin address.
Ransomware group that attacked a meat supplier mysteriously disappears from the internet
This ambiguity makes it difficult for companies to manage the risks of
ransomware
because they are unsure of the steps to take to resolve these issues, leaving them open to post-
ransomware
litigation
. In fact, the Colonial Pipeline was affected by at least two lawsuits after being victimized. If the administration does not set those standards now, it will be up to the courts to do so while they resolve these types of lawsuits.
Third, the government should work with companies that are victims of
ransomware
attacks
to recover cryptocurrencies paid to hackers, thereby interrupting the cycles that fund future attacks. In particular, the FBI worked with the Colonial Pipeline to seize more than $ 2 million in bitcoins paid to hackers, in a promising sign of what may come from the Department's recently established Digital Extortion and Ransomware Task Force. of Justice. As Deputy Attorney General Lisa Monaco said, "Following the money is still one of the most basic but powerful tools we have."
None of these actions will eradicate the commercial risks of
ransomware
, but they can help counter the democratization of violence with a common defense culture.
CybercrimeRansomware