Ransomware is a growing scourge. Is it possible to eradicate this entire class of attacks? I think it is, but in today’s Cybersecurity Insights interview I have a lively debate with Malcolm Harkins on criminalizing ransomware payments and different approaches to undermine ransomware attacks!
I truly like vigorously debating cybersecurity issues with Malcolm. He brings great insights, passion, and experience to discussions with a willingness to aggressively debate in a constructive way.
We cover a lot of ground in our chat, including the potential merits of denying ransomware cybercriminals their prize by criminalizing payments, and explore other avenues to deter, protect, and prosecute ransomware attacks to mitigate risks.
Special thanks to this week’s guest, Malcolm Harkins, whom you can follow on LinkedIn: https://www.linkedin.com/in/malcolmharkins/
Please click the Like button if you found this insightful and subscribe to the Cybersecurity Insights channel for more interviews, best-practices, rants, and strategic viewpoints. https://www.youtube.com/c/CybersecurityInsights
Follow me on:
- LinkedIn: https://www.linkedin.com/today/author/matthewrosenquist
- Medium: https://medium.com/@matthew.rosenquist
- Twitter (@Matt_Rosenquist): https://twitter.com/Matt_Rosenquist
Comments
Chris Gebhardt Perhaps I am not articulating the plan clearly. Criminalizing the payments is the act which gets the first domino to fall, but it is not the actual control which inhibits attacks. What results from that first move is a chain reaction which ultimately leverages the very greed and efficiency of the cybercriminals themselves, to stop ransomware attacks. The only reason why we must criminalize the payments is because otherwise some significant percentage of victims will pay, therefore preserving the incentives for attackers to continue. We need everyone to stop paying this extortion for the attackers to move on.
I go over the details, arguments, logic, timelines, etc. in great detail in a video series available on the Cybersecurity Insights channel:
https://youtube.com/playlist?list=PLuIYhlNYyCmn0cCA6OqHqfL_qGSsizxBF
We made using drugs and narcotics illegal. Still have users.
We made human trafficking illegal. Still have that.
We made homicide illegal. Still have crimes of passion.
We made insider trading illegal. Still have them.
We made tax evasion illegal. People still do it. (Who has voluntarily paid a Use Tax for something they bought in a tax free non-resident state?)
Where there is a will, there is a way. Send the money to a blind offshore trust to disperse "as it sees fit." Companies will utilize Monero cryptocurrency, which obfuscates payer and receiver details in the chain. Payment would be circumstantial at that point.
Perhaps my time in law enforcement has jaded me but I don't see this as the best way to stop ransomware/theft.
Good dialog...
Chris Gebhardt Criminalizing payments stops all those organizations from funding cybercriminals that may attack or impact you. Stop the funding of crime. As long as cybercriminals are being paid, they will continue to victimize. More attacks, more victims, and more impacts.
This is a strategic plan, as there is no tactical maneuver which works. Stop the funding and the attacks will stop. Otherwise the attacks will get worse. Stopping the attacks helps everyone. Fewer victims and less impact.
Your argument of only being a victim once has already been proven wrong. Attackers target those who have paid before with great vigor. Even if they have improved their security, they will be targeted because the attacker knows they will pay. Being paid is all that matters to them. If the community stops paying, they will move back to other crimes (DDoS, account phishing, financial fraud, etc., which is exactly where we want them).
By the way, this strategy has been proven to work time and again with criminals. Remove the attacker's objective and they don't attack.
This is a zero-sum game argument. If you criminalize the payments, then you force organizations to act as criminals. They will go underground to restore their business operations. If you don't criminalize the payments, it is still a diminishing field, as those attacked who survive come back stronger than ever before. Those that are attacked twice are fools and deserve what they get.