Feature

The ransomware epidemic

How digital extortion threatens American infrastructure

The smartest insight and analysis, from all perspectives, rounded up from around the web:

Our nation's infrastructure is facing an unprecedented onslaught of cyberattacks, said Rishi Iyengar and Clare Duffy at CNN. Last week, the country's biggest meat processor became a target of hackers demanding ransom — even as a major oil pipeline was just recovering from a ransomware attack that shut off oil to much of the Southeast. The latest victims even include the ferry to Martha's Vineyard, the Obamas' vacation spot. Hackers used to focus mainly on stealing data. But increasingly brazen perpetrators, often based in Russia, have "found a significant moneymaker in targeting physical infrastructure" and demanding payment to unlock critical systems. FBI director Christopher Wray compared the urgency of the threat to the scramble against international terrorism after 9/11. By tracing the route of the Bitcoin payment, the FBI was able to recover most of the $4.4 million paid to reopen the Colonial Pipeline. But the attacks on the oil and food industries have demonstrated "the potential to spark mayhem in people's lives."

The FBI advises victims not to pay hackers, said Rachel Monroe at The New Yorker. But many feel they have no choice, giving rise to a small industry of "ransomware negotiators." These half-dozen specialists, "and the insurance companies they regularly partner with, help people navigate the world of cyber-extortion." They have been "accused of abetting crime" by incentivizing the holding of digital hostages. But "they have no lack of clients." According to one negotiating firm, "the average ransom payment in the first three months of the year was $220,000," said Adrian Croft at Fortune. That's a 43 percent increase from the previous quarter. One consultant, Kurtis Minder, said the most "he'd ever paid on behalf of a client, a large engineering company, was $2.75 million." The fact that such payments often go unreported suggests "the scale of the problem is much bigger than publicly disclosed."

The recent surge feels new, but ransom-ware "has been a huge business for years," said Patrick Howell O'Neill at the MIT Technology Review. "Years of American inaction" have let the problem metastasize, while cybercrime gangs have become much more sophisticated. They used to "indiscriminately infect vulnerable machines without much care" for the payoff. Now they are going "big-game hunting." Despite the years of warnings, many businesses are woefully unprepared, said Nicole Perlroth at The New York Times. Their systems run on "buggy and out-of-date software nobody bothers to patch," and in some cases employees aren't even trained to "use different passwords."

"Regulators and legislators rushed to Capitol Hill" after the pipeline attack to implement new requirements, said Tim Culpan at Bloomberg. But oil companies and pipeline operators have successfully lobbied against stricter cybersecurity rules for more than a decade. "The fact that any one industry has the power to stymie" cybersecurity legislation puts our entire nation in jeopardy. Yes, some systems — nuclear power stations, for instance — may hold special dangers. But the way to make our digital borders more secure is to make sure we have no weak links.

This article was first published in the latest issue of The Week magazine. If you want to read more like it, you can try six risk-free issues of the magazine here.

Recommended

The daily business briefing: July 30, 2021
Biden in Pennsylvania
Business briefing

The daily business briefing: July 30, 2021

Fighting poverty is easy
Money.
Picture of Ryan CooperRyan Cooper

Fighting poverty is easy

3 cheers for the bipartisan infrastructure deal
A handshake.
Picture of Noah MillmanNoah Millman

3 cheers for the bipartisan infrastructure deal

Mike Lindell says he's pulling MyPillow ads from Fox News after dispute over commercial
Mike Lindell.
badvertising

Mike Lindell says he's pulling MyPillow ads from Fox News after dispute over commercial

Most Popular

Tom Brady's 'gentle' roast of Trump at Biden's White House: 'Deeply vicious'?
Tom Brady, Joe Biden
Quotables

Tom Brady's 'gentle' roast of Trump at Biden's White House: 'Deeply vicious'?

Olympian Dominique Moceanu: Simone Biles demonstrating agency I lacked
Simone Biles.
take care of yourself

Olympian Dominique Moceanu: Simone Biles demonstrating agency I lacked

The 'potential silver lining' to a breakthrough COVID-19 infection
COVID-19 testing site.
the coronavirus crisis

The 'potential silver lining' to a breakthrough COVID-19 infection