Will Ransomware Cause the End of the Internet as We Know It?

Is ransomware a global cyberpandemic? If not, why not? Read on …

There is an article by Samuel Greengard in the April 2021 edition of Communications of the ACM with the disturbing title “The Worsening State of Ransomware: Sophisticated, dangerous ransomware is the new normal … and there is no simple fix.” This raises the question as to whether there is any feasible fix other than closing everything down intentionally, which we know is not going to happen.

Greengard states the following

 “Living in a world teeming with ransomware is a growing concern. It is impossible to know the full extent of the damage, because many victims don’t report attacks. According to Sophos, 94% of organizations whose data was encrypted regained control of it by paying a ransom, or through backups.”

The article also indicates that, as attackers become more experienced, they are going after backups as well as primary data. As Greengard puts it: “Gangs also have begun encrypting backup systems, including cloud storage services …” This is more than just “a growing concern.” This is a disaster heading towards a catastrophe, especially as, according to Sophos, 56% of victims got their data back via backups. The report is available at sophos-the-state-of-ransomware-2020-wp.pdf

To some, ransomware might be seen as a cyberpandemic. After all, it is affecting a high percentage of organizations globally and is constantly mutating so as to be more effective. And, while there are mitigating actions, such as backing up your data, there is no cure. Since attackers need the Internet to operate in order to carry out their crimes, they are not likely to take it down intentionally. But as attacks become more complex, the likelihood of destroying the Internet accidentally increases … and that would be the ultimate cyberpandemic. Just as vaccinations reduce COVID-19 directly and indirectly by slowing down mutations because of a smaller population of infections, so reducing ransomware by improving defenses and reducing vulnerabilities decreases, but does not eliminate, the likelihood of a devastating mistake.

What will it take to reduce ransomware? According to former CISA head, Christopher Krebs, during an interview with Bill Maher on March 26, 2021, the biggest enablers of ransomware are cryptocurrencies and their anonymity. The interview is available at (536) Christopher Krebs on Cryptocurrency | Real Time with Bill Maher (HBO) – YouTube

Krebs recommends controls over cryptocurrency exchanges and persuasion of countries harboring ransomware attackers to take action against them. Easy to say, very hard and expensive to do.

This bears repeating … In order to get control over ransomware, we need to get rid of the anonymity provided by cryptocurrencies. That is huge. But it is dwarfed by the enormity of the impact of ransomware.

This is a case where the magnitude of the cure is so great that no one is willing to take it on. There is little appetite for Draconian actions required to save cyberspace after having to deal with the pandemic and climate change. But, despite everything, cybersecurity should share top billings with other existential threats … because it is one.

Post a Comment

Your email is never published nor shared. Required fields are marked *