Don’t Ignore Ransomware. It’s Dangerous.

This article is part of the On Tech newsletter. You can sign up here to receive it on weekdays.

Ransomware attacks can be devastating and only get worse.

In this form of cyber crime, hackers break into computer networks and lock down digital information until the victim pays to be released. Hospitals crippled by ransomware attacks had to turn away patients, and a natural gas pipeline went offline for two days last year.

My colleague Nicole Perlroth has recorded the spread of cyber attacks, including ransomware, for years. She spoke to me about steps the US government and individual organizations could take to better prevent this. Nicole tried to be hopeful, but she has a disheartening diagnosis of the root cause of ransomware: America hasn’t invested in its defenses.

Shira: Have ransomware attacks become more common or does it just seem that way?

Nicole: It’s gotten worse. We have seen a surge in attacks, more types of organizations, and ransom demands reaching tens of millions of dollars. And ransomware gangs are hitting us more and more viscerally.

The pandemic made matters worse. Companies, schools and other organizations had to take on virtual employees. That created more opportunities for criminals.

In the last few months in particular, ransomware gangs in the US have hit large corporations, schools and universities, local governments, hospitals and the police. And they get bolder. A relatively new twist is criminals who threaten to publicly release organizations’ data if they fail to pay.

What are some of the consequences of ransomware attacks?

Criminals recently targeted a Florida police department and leaked records including a folder labeled “dead” with photos of bodies from crime scenes.

The worst thing I saw happened at the University of Vermont Medical Center. The hospital was unable to treat some chemotherapy patients because an attack erased their records. Nurses said it was one of the worst experiences of their careers.

How can anyone justify harming cancer patients or losing photos of the dead?

I have no words for it that could be printed in a family newspaper.

What is the US doing to stop or slow down ransomware?

We don’t try very hard. The United States is the hardest hit country by cyber criminals and nation states, but we don’t act that way. We mostly outline guidelines for businesses and government agencies to prevent ransomware attacks and to hope for the best. It doesn’t work.

What should be done instead?

There is no silver bullet, but there are a few steps that might help. The US government could designate ransomware as a national security threat on a par with terrorism that would devote more intelligence resources to fighting terrorism. Countries like Russia, which are safe havens for ransomware gangs, may be subject to sanctions or restrictions on travel to the US. That would put pressure on countries to prosecute ransomware criminals within their borders.

We could also require companies and government agencies affected by ransomware attacks to make them public. The Treasury Department may consider banning victims from paying ransom. Most ransomware gangs require payment in Bitcoin, and it could help track down criminals if the banking industry’s “Know Thy Customer” rules and anti-money laundering laws were enforced when exchanging cryptocurrencies.

And we need a 911 hotline for ransomware victims. Companies often do not know who to call when they are specifically addressed.

What can organizations targeting ransomware attacks do to prevent them?

If companies, government agencies, and organizations required all employees and others accessing their computer networks to use strong passwords, password managers, and multi-factor authentication, it would go a long way in preventing cyberattacks.

It would also be helpful if companies needed copies of their digital records and backed them up regularly. The victims would not be able to pay to restore their own data. The government could also provide tax credits or other financial incentives for businesses and government agencies to take these steps.

I don’t want to blame the victims, but why aren’t companies and authorities already taking these protective measures?

Many critical services are run by small organizations that do not have the resources or skills to even lay the foundations. American hospitals, schools, and governments are common ransomware targets because they typically use older software with vulnerabilities that cannot be repaired.

That sounds gloomy.

I don’t want people to feel hopeless. But yes, ransomware and other cyberattacks are only getting worse. The central problem is America’s lack of urgency and investment in protecting digital systems.

  • Beijing could be the final arbiter of its tech industry: China is trying to force big tech companies to change what has been classified as anti-competitive behavior. Instead, Chinese internet companies are using threats of government action to defeat their rivals, my colleague Li Yuan wrote in her latest column. She said this could further strengthen the Communist Party’s authority over China’s digital industry.

  • His threatening chatter was illegal: A jury in New York concluded that a man who posted online threats against members of Congress but did not respond to them was not protected by the first amendment, my colleague Nicole Hong reported. Last week, in On Tech, Nicole described this case and the line between hateful free speech and illegal threats.

  • A lot of money for big tech: Apple and Facebook have made so much money so far this year. And Amazon, which has been on a hiring frenzy, will raise hourly wages for about half a million workers.

Cellists played concerts for some music-loving cows (and people) in a village near Copenhagen. The cows didn’t seem to like Dvorak.

We want to hear from you. Tell us what you think of this newsletter and what else you would like us to explore. You can reach us at [email protected]

If you do not have this newsletter in your inbox yet, please register here.

Comments are closed, but trackbacks and pingbacks are open.