Ransomware has grown beyond a cybersecurity threat into a global menace. Fredric Bellamy, an attorney at Dickinson Wright with experience in intellectual-property litigation as well as data privacy and cybersecurity law, believes it is time to institute international laws authorizing nations to enforce tough responses in order to defeat cybercriminals and ransomware.
No individual or organization is immune to ransomware
Ransomware is not picky: businesses and governments of all sizes and makeup are being victimized by it. “And their customers, supply chains and citizens are also being affected,” said Bellamy in an email interview. “From grocery stores unable to sell food, staff at hospitals and medical offices unable to access patient records, and disrupted city services, ransomware is a huge and growing menace, not only for those whose computer systems are paralyzed but also for downstream victims.”
The ransomware menace is growing
The number of successful ransomware attacks is growing by leaps and bounds; Bellamy next takes a hard look at why.
Capability increases with success: It’s simple, actually. Making vast amounts of money allows cybercriminals to:
- Purchase better reconnaissance.
- Pay more for zero-day exploits and methodology to sabotage systems.
- Obtain sophisticated talent that specializes in different aspects of ransomware.
Availability of cryptocurrency: The ubiquity and convenience of bitcoin and cryptocurrency exchanges enable cybercriminals to extort ransoms in a form that is harder to trace than traditional government-issued currencies.
Asymmetry of risk and reward: Again, it’s all about money. “Ransomware is accelerating because criminals are getting rich, and the risks of getting caught and prosecuted are low,” explained Bellamy.
To pay or not to pay the ransom?
Most governments advise against paying ransoms. “The U.S. government advises individuals and businesses alike not to pay ransoms to criminals, and even warns that payments to state-sponsored groups under international sanctions may be illegal,” stated Bellamy. “Yet the government’s ability to police against ransomware is problematic at best, leaving everything from meat to gasoline supplies and delivery of medical and dental services at risk.”
What about ransomware insurance?
Bellamy does not mince words. “Suggesting that defeating ransomware is a matter of best cybersecurity practices rings hollow in a world in which sophisticated businesses that take cybersecurity seriously—such as technology as well as insurance companies—have been victimized by ransomware attacks,” added Bellamy.
That said, Bellamy also believes it is still important to remind businesses and governments to employ cybersecurity best practices but suggests ransomware insurance is counterproductive. “Ransomware insurance is not the answer to the problem,” wrote Bellamy. “That kind of insurance may promote the growth of ransomware by making it even more predictably profitable and professionalizing it.”
Ransomware is a form of modern piracy
Interestingly, Bellamy considers ransomware to be the modern equivalent of piracy on the high seas. “Historically, pirates roamed the seas attacking ships for profit,” writes Bellamy. “Like cybercriminals, the sea-going pirates were often sponsored, or at least tolerated by nation states.”
Like those engaged in the spread of ransomware, sea-going pirates had an asymmetry of risk and reward. They were very successful at their trade, in particular at kidnapping citizens for ransom, while rarely facing prosecution. What eventually stopped sea-going piracy was strict international enforcement and the imposition of severe penalties on the offenders.
Bellamy is not the only one comparing cybercriminals who focus on ransomware to sea-going pirates of old. He refers to Noah Feldman’s Bloomberg Opinion article “Big Cyberattacks Should Be Handled by Nations, Not Lawyers” (published May 13, 2021), which includes this passage:
“How piracy went from menacing seaborne threat to charming comic opera over the course of the 19th century should give policymakers some clue about how to prevent attacks by cyber pirates, like the ransomware attack that crippled the Colonial Pipeline this week.”
Why international cooperation is needed to combat ransomware
Bellamy is adamant that it’s time to stop blaming businesses for their inability to protect themselves adequately against ransomware and to recognize that this is an international challenge requiring the diplomatic efforts of national leaders to work toward a global solution.
“Nations need to work out global agreements for prosecuting cyber pirates based on universal jurisdiction, readily-shared information, cooperative prosecution, and most critically, international sanctions against rogue nations that harbor cyber pirates,” advised Bellamy. “Piracy needs to change from a lucrative and low-risk form of organized crime to a top-priority focus of international government-level negotiations to arrive at tough, workable solutions.”
What Bellamy is asking for seems immensely difficult, but humankind has a habit of rising to the occasion.