François Picard / AFP via Getty Images
The United States suffered 65,000 ransomware attacks last year, or more than seven per hour. And it will probably get worse.
What was previously considered a nuisance is quickly becoming a national security issue as cybercriminals target key pieces of the country’s infrastructure. A recent attack on Colonial Pipeline sparked panic buying that emptied many gas stations in the southeast, while another attack on JBS raised concerns about the national beef supply.
The upsurge in attacks has been brewing for years. Last year there were 65,000 ransomware attacks, according to Recorded Future, a Boston-based cybersecurity company.
Businesses and institutions have long neglected their computer systems, exposing them to hacking, experts say. The pandemic has made them more vulnerable as many Americans use personal modems and routers to work from home.
Stopping the attacks will be difficult. Criminals today can easily find sophisticated malware in the dark corners of the web, and the growing popularity of cryptocurrencies such as Bitcoin further emboldens cybercriminals by making it easier for them to evade law enforcement. and financial regulators.
And then there’s the most important reason of all: attacks are likely to continue because they work.
“This is just the start,” says Holden Triplett, founder of cybersecurity consulting firm Trenchcoat Advisors.
“And it’s going to get worse,” he notes.
A malware attack puts an executive in a difficult position. First, a business loses access to its sensitive systems or data. Then there are ripple effects. If a hack becomes public, it could affect a company’s stock price, or worse, create a nationwide problem.
Colonial last month decided to pay $ 4.4 million to unlock its computer systems after a cyber attack forced the company to shut down a critical fuel pipeline. Colonial CEO Joseph Blount told NPR he had no choice.
“It was the right decision for the country to take,” he said in an interview last week.
Juan Zarate, who was the deputy national security adviser for counterterrorism under the administration of George W. Bush, said that the growing profile of the targets indicates how much ransomware attacks are on the rise. professionalize “.
“What you’ve had, I think, over the past two and a half years is an increase in the number of ransomware attacks, the amounts requested and the level of sophistication of those attacks,” Zarate said.
DarkSide, the Russian-based criminal group behind the Colonial Pipeline attack, even has what some experts describe as essentially a customer service contact to answer questions from the targets it attacks.
Alternative currencies offer anonymity and regulations are often quite light from country to country. In some jurisdictions, they are not even regulated. For a country like the United States, transactions can be difficult to track depending on the exchanges used by criminals.
“I think cryptocurrency has actually helped facilitate the ransomware market,” says Kiersten Todt, CEO of the Cyber Readiness Institute.
It’s become so entrenched in the cryptocurrency world that companies even buy Bitcoin so that “if they’re faced with a ransomware attack, they have it,” says Todt.
While the Justice Department was able to trace and recover a large chunk of Colonial Pipeline’s ransom payment, experts say it won’t be the norm.
This was evident in a warning from Deputy Attorney General Lisa Monaco, who had a message for leaders who might think the government will similarly come to their aid in recovering a ransom.
“We cannot guarantee, and we may not be able to do so, in all cases,” she said.
Or more simply, there are too many attacks and it is not possible to stop them all.