Here are some thoughts about the Ransomware problem

So I’m still catching up on Mastodon, and I know some of this might be older, so I’m finding the best ones that may still be valuable.

This is a multi-toot diatribe by Brian Krebs talking about the ransomware problem. Basically, he’s saying that we need to outlaw paying ransoms, especially if North Korea, China and others are involved as nation-state attackers.

BrianKrebs: I’ve grudgingly come around to the notion that there is only one way out of the ransomware problem: Make paying a ransom illegal. This is not very different from laws that make it illegal for US companies to pay bribes to foreign officials.

I really don’t see any other way out of this mess. Yes, some victims will unfortunately ignore any laws that say they can’t pay, but enforcement probably will not be hard.

What will be difficult are the situations where peoples’ lives are at stake in ransomware incidents. This sounds callous, but we can’t afford to take the short view here anymore, and our other alternatives aren’t great either.

I’m quite certain this is an unpopular view, but we have already seen the cost of doing nothing. At least in the interests of congruity for our financial sanctions vs Russia, we should probably make this change sooner rather than later.

BrianKrebs: There are 100 ways the current ransomware problem can and probably will get worse and nastier. Every single cybercriminal or aspiring crook is now focused on ransomware or data ransom payments as THE path to financial success. It’s no longer just the Russians. It’s the Chinese, the North Koreans, and Iran.

Either way, these countries don’t just want to hurt the United States: They would rather the US died in a fire. For companies to make payments to these regimes — and their cybercriminal apparatus is always part of the regime — is bonkers, IMHO.

BrianKrebs: In the past month, ransomware assholes have shut down emergency rooms at multiple hospitals; dinged the US bond market; major shipping ports in Australia closed, e.g. We used to talk about a hypothetical scenario in which cybercriminals are having real-world, kinetic impacts. But that stuff is old news. Kinetic impacts from ransom incidents now happen on a daily basis.

I think I’ve said something similar on my own podcasts. Now, I do understand that not everyone would agree with me either, seeing how even if you had backups, it could take a while to restore from them. With that said, I think I agree with all of this. By paying bad actors, you’re telling them that what they’re doing is pretty much good, because they’re being rewarded for sending out emails tricking people into running things they shouldn’t. And people are human, so even training, while good, may not be enough.

I guess we’ll see overall what people think, because what we’re doing is definitely not working, and the market I serve would definitely be a prime target for these folks. They’ve tried to get me, but I already know what to look for, and I do ask questions if I’m not sure.

I’d be curious what people think, whether good, bad or indifferent.
