Tough fight looms against a global ransomware epidemic

At least $18 billion was paid to attackers last year, with hackers targeting local governments, hospitals and other critical sectors

An alert from the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency is photographed on Tuesday, April 20, 2021. (AP)

The latest wave of ransomware attacks hitting the United States and globally portends a difficult battle against hackers, even as government and the private sector ramp up defenses.

The attacks hitting the Colonial Pipeline and the major JBS meatpacking operations are examples of a burgeoning cybercrime industry with the potential to inflict pain and extract profits by impacting "critical" networks, experts say.

Other recent targets include local governments, hospitals, insurers, a ferry system and others in the United States and globally, with many of the attacks attributed to Russia-based hackers operating with at least tacit approval from the Kremlin.

At least $18 billion was paid to ransomware attackers last year, according to the security firm Emsisoft, which found "tens of thousands" of victims so far in 2021.

"Ransomware is hitting epidemic proportions and business as usual isn't going to cut it," said Frank Cilluffo, director of Auburn University's McCrary Institute for Cyber and Critical Infrastructure Security.

A JBS Processing Plant stands dormant after halting operations on June 1, 2021 in Greeley, Colorado. JBS facilities around the globe were impacted by a ransomware attack, forcing many of their facilities to shut down. (AFP)

Parham Eftekhari, chairman of the Institute for Critical Infrastructure Technology, a think tank focused on cybersecurity, noted that a rush to digitize more systems has opened up more avenues for hackers. "We are prioritizing speed to market, functionality, profits and business objectives over security," Eftekhari said.

US officials in recent days have signaled a stepped-up effort on ransomware, calling these investigations a "top priority" and comparing the effort to the fight against terror that followed the September 11 attacks.

Covert US response

The Justice Department said Monday it recovered more than half of the $4.4 million ransom paid by Colonial Pipeline, in a rare success story.

"The recovery of the ransom is, obviously, a positive as it signals to cybercriminals that their ill-gotten gains are not necessarily beyond the reach of law enforcement," said Brett Callow, analyst at the security firm Emsisoft.

But Callow said ransomware remains a scourge because "the financial rewards are huge (and) the chances of being caught are near-zero... we still have a very, very long way to go before the ransomware problem will be solved."

Representations of the Bitcoin cryptocurrency are seen in this picture illustration taken June 7, 2021. Making cryptocurrency transactions easier to trace could aid the fight against ransomware by curbing anonymous transactions, some analysts say. (REUTERS)

Following sanctions imposed on Moscow, US officials have said little about future responses, but analysts believe there is considerable activity under the radar.

"The US government appropriately responds sometimes in a covert manner," said Eftekhari. "We have the greatest cyber offensive and defensive abilities on the planet."

But security specialists say cyber defense is complex and requires actions across the board, including training for employees to avoid mistakes that let malicious actors into networks.

Security firm Proofpoint found in a recent survey that two-thirds of computer security officers acknowledge they are unprepared to cope with a future cyberattack, noted Proofpoint's Lucia Milica.

"Human error is one of the biggest vulnerabilities and we've seen that remote work has made networks more vulnerable," Milica said.

Line in the sand?

The latest attacks, on the heels of big data breaches affecting Microsoft email servers and the widely deployed SolarWinds security software, raise questions about protecting 16 "critical infrastructure" sectors including energy, utilities, defense, food and manufacturing.

James Lewis, head of technology policy at the Center for Strategic and International Studies, said these sectors have been victimized frequently but that successes are obscured by high-profile hacks.

"We probably need to rethink what critical infrastructure is," Lewis said, suggesting that the label be used for public safety and national security.

Holding tanks are seen in an aerial photograph at Colonial Pipeline's Dorsey Junction Station in Woodbine, Maryland. The Justice Department said Monday it recovered more than half of the $4.4 million ransom paid by Colonial Pipeline. (REUTERS)

Lewis said one lesson from the recent pipeline attack was panic buying of gasoline, which made the situation worse.

Making cryptocurrency transactions easier to trace could aid the fight against ransomware by curbing anonymous transactions, some analysts say.

Lewis said this is a good idea but that "a more sophisticated approach would be for central banks to issue their own digital currencies, which could dry up the market for cryptocurrencies."

Cilluffo said the fight against ransomware will require a broad array of weapons. "You really need to bring all instruments of power to bear: covert, diplomatic, military, sanctions," he said.

A summit next week with President Joe Biden and Russian counterpart Vladimir Putin offers a key moment for Washington to "draw a line" against Moscow for providing a haven for hackers, said Cilluffo.

"Cyber has to be items one, two and three," he said. "Having a president put markers in the silicon around cyber behavior is important because it comes with the full weight of the federal government."
