The ransomware epidemic
How digital extortion threatens American infrastructure
The smartest insight and analysis, from all perspectives, rounded up from around the web:
Our nation's infrastructure is facing an unprecedented onslaught of cyberattacks, said Rishi Iyengar and Clare Duffy at CNN. Last week, the country's biggest meat processor became a target of hackers demanding ransom — even as a major oil pipeline was just recovering from a ransomware attack that shut off oil to much of the Southeast. The latest victims even include the ferry to Martha's Vineyard, the Obamas' vacation spot. Hackers used to focus mainly on stealing data. But increasingly brazen perpetrators, often based in Russia, have "found a significant moneymaker in targeting physical infrastructure" and demanding payment to unlock critical systems. FBI director Christopher Wray compared the urgency of the threat to the scramble against international terrorism after 9/11. By tracing the route of the Bitcoin payment, the FBI was able to recover most of the $4.4 million paid to reopen the Colonial Pipeline. But the attacks on the oil and food industries have demonstrated "the potential to spark mayhem in people's lives."
The FBI advises victims not to pay hackers, said Rachel Monroe at The New Yorker. But many feel they have no choice, giving rise to a small industry of "ransomware negotiators." These half-dozen specialists, "and the insurance companies they regularly partner with, help people navigate the world of cyber-extortion." They have been "accused of abetting crime" by incentivizing the holding of digital hostages. But "they have no lack of clients." According to one negotiating firm, "the average ransom payment in the first three months of the year was $220,000," said Adrian Croft at Fortune. That's a 43 percent increase from the previous quarter. One consultant, Kurtis Minder, said the most "he'd ever paid on behalf of a client, a large engineering company, was $2.75 million." The fact that such payments often go unreported suggests "the scale of the problem is much bigger than publicly disclosed."
The recent surge feels new, but ransom-ware "has been a huge business for years," said Patrick Howell O'Neill at the MIT Technology Review. "Years of American inaction" have let the problem metastasize, while cybercrime gangs have become much more sophisticated. They used to "indiscriminately infect vulnerable machines without much care" for the payoff. Now they are going "big-game hunting." Despite the years of warnings, many businesses are woefully unprepared, said Nicole Perlroth at The New York Times. Their systems run on "buggy and out-of-date software nobody bothers to patch," and in some cases employees aren't even trained to "use different passwords."
"Regulators and legislators rushed to Capitol Hill" after the pipeline attack to implement new requirements, said Tim Culpan at Bloomberg. But oil companies and pipeline operators have successfully lobbied against stricter cybersecurity rules for more than a decade. "The fact that any one industry has the power to stymie" cybersecurity legislation puts our entire nation in jeopardy. Yes, some systems — nuclear power stations, for instance — may hold special dangers. But the way to make our digital borders more secure is to make sure we have no weak links.
This article was first published in the latest issue of The Week magazine. If you want to read more like it, you can try six risk-free issues of the magazine here.