Hotel and entertainment company MGM was the target of a major ransomware attack last September, disrupting operations for several days and reportedly resulting in $100 million in lost revenue. In February, UnitedHealth's Change His Healthcare payment processing operations were affected by a ransomware group, resulting in an estimated $1 billion in losses per day. The increasing frequency of cyber-attacks should be a double alarm for businesses and governments who have wasted the past 25 years hopelessly tied to a grossly insecure Internet. The hackers appear to have realized that U.S. executives and policymakers were slow to come to a conclusion. Data transmission pipelines are not only a ransomware treasure, they are also easy to harvest.
It is reported that there were 623.3 million ransomware attacks in 2021, and a further 236.1 million in the first half of 2022, accounting for approximately 20% of global cybercrime. Even before ransomware was used on a large scale, Russian and northern It seems that we were defenseless against Korean interests. damages) can cripple commerce, extort money, and bring parts of modern life to a halt. And the increasing availability of relatively inexpensive cyber technologies that can be used as online weapons is rapidly shifting the balance of power, allowing states like North Korea to outperform themselves in cyberspace. It looks like this.
Ransomware is not new. This is a modern mutation of a very old extortion racket. Executives from large Italian companies were routinely kidnapped for more than 30 years until a law was passed in 1991 that allowed the government to freeze the assets of victims' families to prevent them from paying ransoms. That may have seemed harsh, but it worked. Data kidnapping began around that time. Joseph Popp, an evolutionary biologist who studied at Harvard University, allegedly sent floppy disks to addresses around the world and locked computers unless users sent money.
In response to these New World problems, Old World solutions have been attempted. For example, ransomware insurance reimburses businesses for the money paid to unlock their data. But this is exactly the wrong way to tell cybercriminals that there is gold at the end of the rainbow and eliminate businesses based on extortion of money. Making ransomware payments illegal, as Italy has done, would undermine the reason for doing business. But then it becomes imperative for organizations to isolate their data into secure, reliable, and readily available backup systems. This is an ambitious goal at best. Not much will change until policymakers decide to reconfigure the internet and control cryptocurrencies, the financial lubricants that enable crimes like ransomware.
Digital pipelines and networks need to be reconfigured into ecosystems with real authentication, governance, and policing that everyone knows how to access. Additionally, both machine intelligence and human common sense must work together to limit the impact of human mistakes that lead to network intrusions.
Handling cryptocurrencies should become easier. After all, its biggest and best use so far has been to facilitate reprehensible online crimes, such as distributing child sexual abuse material, human trafficking, and the financing of terrorism. But until cryptocurrencies are registered and regulated, and issuers are forced to submit to the jurisdiction of the countries in which they are available, ransomware will proliferate, leading to even larger and more harmful online crimes. It will be.
Despite the collapse of cryptocurrencies in 2021, the dramatic downfall of FTX's Sam Bankman Freed, and Binance's admission of crime, Congress has made it clear that random computer code with no intrinsic value You should ask yourself how it was created by people who couldn't even find it or manage it. Mysterious programmers around the world can continue to grow. And cryptocurrencies despise what all money and investments covet: backed by governments and central banks.
Cryptocurrency is so important to online crime that it still exists?
Given that bringing order to the wilds of cyberspace while regulating cryptocurrencies is offensive to crypto enthusiasts, inconvenient for users, costly for businesses, and difficult for governments. It may seem like a daunting task. The increasing blizzard of hostile cyber events only seems to further numb us to the fact that our safety is at risk. This is because many of these events may be initial reconnaissance missions by adversaries seeking to identify the most effective ways to petrify networks and steal databases. , generating billions of dollars and even prosecuting cyber warfare. If so, some digital inconvenience and increased online costs may be a small price to pay.
Thomas P. Vartanian served as banking regulator in the Carter and Reagan administrations and is currently executive director of the Center for Financial Technology & Cybersecurity. He is the author of “The Unhackable Internet.”
Copyright 2024 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.
