Just weeks after a major US oil pipeline got hit by pirates, a cyberattack hit the world’s largest meat supplier. After that ? Will these criminals target hospitals and schools? Will they start attacking cities, governments and even the US military?
In fact, all of them have already been affected by ransomware. While the onslaught we’ve seen over the past month looks new, hackers holding services hostage and demanding payments have been a huge deal for years. Dozens of American cities were disturbed by ransomware, while hospitals have been hit by attacks even at the height of the pandemic. And in 2019, the The US military has been targeted. But that doesn’t mean that what we see now is just a matter of conscience. So what’s different now?
It is the result of inaction
You can’t explain the metastasis of the ransomware crisis without looking at years of US inaction. The global ransomware crisis has grown to incredible proportions during Donald Trump’s presidency. Even as America’s critical infrastructure, cities, and pipelines have been affected, the Trump administration has done little to resolve the issue, and it has gone ignored by most Americans.
The ransomware boom started at the tail end of Obama’s White House, which approached it as part of its overall response to cybercrime. It involved putting agents on the ground around the world to achieve tactical victories in countries that were otherwise uncooperative, but defending against such attacks fell low on the priority list under Trump even then. that the ransomware itself was exploding.
Today, the Biden administration is making an unprecedented attempt to tackle the problem. The White House said the hackers behind the Colonial Pipeline and JBS ransomware attacks are based in Russia and currently have efforts involving Homeland Security and the Justice Department. But as President Biden plans to discuss the attacks at an upcoming summit with Vladimir Putin on June 16, the problem goes beyond mere relations between the two countries.
It is also the result of new tactics
When the ransomware industry was booming half a decade ago, the business model for these attacks was fundamentally different and much simpler. Ransomware gangs began by indiscriminately infecting vulnerable machines with little regard for what exactly they were doing or who they were targeting.
Today the operations are much more sophisticated and the payments are much higher. Ransomware gangs are now paying specialist hackers to leave “big game hunting“and look for massive targets that can pay huge ransoms. Hackers sell access to gangs, who then extort. Everyone gets paid so generously that it has become more and more irresistible, especially because gangs are generally harmless.
There is a refuge for criminals
This leads to the next dimension of the problem: Hackers work in countries where they can avoid prosecution. They rule massive criminal empires and effectively remain immune to all attempts to subdue them. That’s what Biden will bring to Putin in the weeks to come.
The problem extends beyond Russia and, to be clear, it’s not as simple as Moscow running hackers. But the Kremlin’s tolerance for cybercriminals – and sometimes even its direct cooperation with them – is a real contributor to the rise of the criminal industry. To change this, America and other countries will need to work together to face the nations who otherwise have no problem with US hospitals and pipelines being held for ransom. The safe harbor for cybercriminals, combined with the mostly unregulated cryptocurrency used to facilitate crime, has made it very hacker friendly.
And we’re all more connected and insecure than ever
And then there’s the inevitable fact that weak cybersecurity combined with ubiquitous connectivity equates to increasingly vulnerable targets. Everything in America, from our factories to our hospitals, is connected to the Internet, but much of it is not secure enough.
Globally, the free market has repeatedly failed to solve some of the world’s biggest cybersecurity problems. This may be because the ransomware crisis is a problem on a scale that no private sector can solve on its own.
As ransomware and cybercrime increasingly becomes a threat to national security – and a threat that threatens to harm humans, as in the case of attacks on hospitals – it has become clear that government action is necessary. And so far, officials from the world’s most powerful nations have mostly been successful in watching the disaster unfold.
Instead of, what must happen to change it is a global partnership between countries and businesses to fight ransomware. There is momentum to change the status quo, including a recent major executive decree on cybersecurity outside the White House. But the work has only just begun.