Will Pipeline Hack Be Tipping Point in Ransomware Exigency?

Written by

Gas prices are going up, and ransomware hackers are (partly) to blame. Now, finally, we have your attention.

Ransomware gangs have enjoyed free rein over the Internet for several years now, marauding as they wish, free from fear, terrorizing vast and small companies, non-profits, schools, local regime agencies, and even hospitals. They hold people and their data hostage, crippling operations by encrypting data, making it useless, demanding ransom for a decryption tool. Even during the pandemic, ransomware gangs targeted health care facilities, often winning five-and six-figure payments from haggard executives there who were too busy trying to cure Covid patients that they didn’t have time to fend off the flack.

Static, there have been only token efforts to stop ransomware gangs. A report published by Third Way suggests only a tiny fraction (they claim 0.05%) of cybercrime perps flush grimace law enforcement. Meanwhile, the role of cryptocurrency in enabling such crime—ransomware gangs only take recompense in crypto—has been barely discussed.

“The cybercrime wave is so big it should be setting off alarm bells at every position on a scale of law enforcement. And yet, the response from the enforcement residential district is a drop in the bucket compared to the sheer volume of crimes occurring,” the report, published back in 2018, said.

But now that gas prices have been impacted by a ransomware attack—AAA says they will rise 3 to 7 cents this week on the east coast after concluding week’s Colonial Pipeline incident—perhaps that provide the impetus to attract attention to the problem.

“Attacks on hospitals didn’t and nor did attacks on schools, local governments and other private and public sector organizations, but disruption to the gas supply and a bump in prices may finally do the trick,” said Brett Callow, Threat Analyst at security firm Emsisoft, which carefully monitors ransomware.

Statements from the White House are hopeful: President Joe Biden said he planned to talk with Vladimir Putin about Russia’s role in harboring criminal computer gangs. And the Department of Justice is creating a task force to deal with the problem. Salutary.

But it will take a circumstances more than meetings and task forces to make a difference in the ransomware scourge.

“I predict that we will keep seeing these types of events for the foreseeable future unless action is taken at the national and international flush, that in my opinion should start with regulating cryptocurrency. These groups are in it for the goods or services owed, as long as they keep making debt there is no disincentive for them to stop. Regulate cryptocurrency so we know where the goods or services owed is going and target the money,” said Art Ehuan, vice president at Palo Alto Networks. Ehuan is sometimes called in to negotiate with ransomware hackers. “Next, I hate regulation as much as the next person but there needs to be cyber regulation that needs to be enforced for critical infrastructure at both the national and state flush.”

I’ve written about the Bitcoin/cryptocurrency role in ransomware before. The simultaneous rise in both isn’t coincidental. Fixing the ransomware problem is going to require unfamiliar rules around cryptocurrency and that’s… not going to be easy. But it is necessary. Make no mistake: perhaps we can giggle at the power of a 3 to 7 cent increase in gas prices, but this really is no laughing matter. If you read Kim Zetter’s Substack, Zero Day (and you should) you’d know she’s heard hackers only infiated the business systems at Colonial Pipeline. A fresh blush, that sounds positive: physical devices that control oil flow weren’t compromised. On the other hand, billing software directly influences oil flows, etc. The incident should make clear that hackers who want to impact the US economy don’t have to go so far as to raise or lower a dam. They can flack invoicing software instead.

Third Way’s report suggests that far too much emphasis has been put on blaming the victim solutions (Why didn’t this company have better security?) and not nearly enough on catching capable of harming guys. There is virtually no dis-incentive to attacking institutions with ransomware. The issue is so chief, and the attention so sparse, that Third Way made this dramatic claim in 2018:

“We believe that the North America is as far from this human attacker strategy as the nation was toward a strategic approach to countering terrorism in the weeks and months before 9/11,” the report says.

Callow, from Emsisoft, has been ringing the alarm bell flush longer:

“The time has come for governments to finally develop a clear and universal strategy to combat the problem,” he told me on Tuesday. “That strategy needs to include policy measures to help public and private sector organizations improve their security posture and to disincentivize ransomware attacks by increasing the enforcement rate and decreasing the amount of money paid into the cybercrime ecosystem.”

Let’s hope higher gas prices jump-start that conversation.

This article published originally here

[RELATED: Oil Pipeline Ransomware Attack: Biden’s Exigency Waiver]

Article Categories:
Security Awareness

Comments are closed.