Geopolitics of Ransomware

Photo: A sign tells drivers that gas pumps are empty as stations from Florida to Virginia began running dry and prices at the pump rose as the shutdown of the Colonial Pipeline by hackers sparked panic buying by motorists, in Falls Church, Virginia, U.S., May 12, 2021. Credit: REUTERS/Kevin Lamarque/File Photo

Time to stop tolerating pirates — and their lairs

The First Barbary War of 1801-1805 deserves to be remembered. Not just because of its unusual configuration: the United States fought alongside Sweden against a ragtag collection of North African entities. Nor because of the intrepid soldiering by the U.S. Marines (eight of them), immortalized in their hymn: “to the shores of Tripoli”. Nor because their efforts resulted in the U.S. raising its flag in victory on foreign soil for the first time. The war’s pressing contemporary significance stems from its goal: to punish the corsairs, the pirate states that were attacking American merchant vessels, seizing their cargoes, and demanding ransoms for their crews.

The corsairs’ modern heirs roam not the seas but the internet. But their business model is similar: steal things and extort ransoms. Instead of oared galleys, they use computer code that encrypts and steals data from businesses, government agencies, and other organizations. Recent targets include Ireland’s health service and the Colonial oil pipeline in the U.S.

If the victims pay up, they are provided with a key that unlocks their data and life continues. If they refuse, they lose it forever — or risk its release to the public, with all the embarrassment and other damage that this may entail.

But whereas 220 years ago, Thomas Jefferson demanded that the U.S. stop paying ransoms and start naval operations against the pirates, his successors in the U.S. and elsewhere have mainly responded with handwringing. The victims of ransomware attacks typically pay up — often claiming the money on their cyber-insurance policies, and keeping quiet about what they have done. It is cheaper than losing the data. Nobody gets punished. The result: the crime is lucrative and risk-free.

This is a splendid deal for the two dozen gangs that run the industry, who “earned” at least $18 billion in ransoms in 2020. This money does not just make bad people rich. It also funds product development and marketing. We — taxpayers, consumers, shareholders — are financing the next wave of attacks. They will be worse: ransomware from a technical point of view is essentially quite primitive. It is easily defeated, for example, if people in charge of computer systems regularly and thoroughly back up their data.

Belatedly, standards are now rising. The U.S. government is using its clout as a purchaser to insist on this. Suppliers with sloppy practices will not be eligible to tender. Efforts also seem to be underway to make life more difficult for the pirates. The prominent DarkSide hackers have closed down, at least for now, issuing a plaintive public announcement citing pressure from the U.S.

An immediate priority should be to regulate cryptocurrencies — the anonymous digital money on which the criminal economy functions. National governments may struggle in cyberspace, but they do set the rules by which people acquire mansions, yachts, private jets, education for their children, and other desirable goods and services. Nobody forced us to make these goodies available to our persecutors: we chose to allow this. We can choose to forbid it too. Who will bother making a fortune in bitcoin and similar means of exchange if they cannot spend it in the real world?

Fundamentally these gangs operate with impunity because they are based in places like Russia and China. Their governments are happy to see the West weakened and offensive capabilities developed. A tool wielded by a criminal today can be useful for a cyber-warfare agency tomorrow.

These countries are the pirate lairs of the modern era. They should remember the fate of their swaggering predecessors, who were crushed — eventually — by a united effort of the civilized world.

 



May 16, 2021