The Oncoming Ransomware Storm

Let me paint a picture of a bleak future that seems to be racing towards us much faster than the public may realize. It’s a future in which ransomware and mass data theft are so ubiquitous they’ve worked their way into our daily lives.

Ransomware, for those that don’t know, is the automated exploitation of computer networks that aims to extract cash from the owner of that network. These attacks are usually done by foreign actors and they use cryptocurrency as the medium of exchange for extortion between them and their victims.

Now this is not a new phenomenon by any means. But what is new is that the level of these attacks has gone parabolic in the last few years because of one simple fact. With the addition of Bitcoin to the problem, it’s insanely profitable, low-risk, and almost the perfect crime. It’s also a very real economic tool that nation states can use to disrupt each other’s infrastructure.

The singular reason why these attacks are even possible is due entirely to the rise of cryptocurrency. Consider the same situation on top of the existing international banking system. Go to your local bank branch and try to wire transfer $200,000 to an anonymous stranger in Russia and see how that works out. Modern ransomware could not exist without Bitcoin; it has poured gasoline on a fire we may not be able to put out.

When you create a loophole channel (however flawed) for parties to engage in illicit financing of anonymous entities beyond the control of law enforcement, it turns out a lot of shady business models that are otherwise prevented move from being impractical and risky to perversely incentivized. Ransomware is now very lucrative, to the point where there is a whole secondary market of vendors selling Ransomware-as-a-Service picks and shovels to the criminals.

And the scale of the net that can be cast across the world is vast. In the last week we’ve seen a large chunk of the east coast energy grid infrastructure disabled due to an attack. Across the pond we’ve seen the entire NHS hospital service shut down because hackers will indiscriminately target the weakest and most vulnerable IT targets regardless of the human cost. Hospitals, schools, charities … everyone is an indiscriminate target in this brave new world.

The scary part is that there is almost nothing that can be done from an information security standpoint. Software is not going to magically become more secure any faster; even the most capitalised companies in the United States aren’t able to stave off the new generation of software exploits that are dropping every other day. There are too many exploits in the wild and there’s no stopping a massive increase in discovery, especially when billions of dollars are at stake for their immediate use in ransomware. Our entire field is bad at what we do and if you rely on us to fix this, we’re doomed.

This battle cannot and will not be won on the technology side alone. The tech industry can’t solve this. It requires legislation and intervention in the financial system at a level where only nation states can act.

Cryptocurrency exchanges are the channel by which all the illicit funds in this epidemic flow. And it is the one channel that the US government has complete power to rein in and regulate. The free flow of money from US banks to cryptocurrency exchanges is the root cause of this pandemic and needs to halt. Through sanctions, control of the SWIFT network, and our allies in NATO, the federal government has all the tools to put a stop to these illicit flows. Nothing of value would be lost by shutting off the spigot of dark money and darknet trade. Cryptocurrencies are almost entirely used for illicit activity, gambling and investment frauds, and on the whole have no upside for society at large while also having unbounded downside and massive negative externalities.

I fear we are at a critical point where there is not much time left before this new cyberpandemic reaches critical mass. And indeed, that looks like a very scary future if it comes to pass. Some very dark things will become part of public life.

Imagine a hundred new Stuxnet-level exploits every day, for every piece of equipment in public works and health care. Where every day you check your phone for the level of ransomware in the wild just like you do the weather. Entire cities randomly have their metro systems, water, power grids and internet shut off and on like a sudden onset of bad cybersecurity “weather”.

Or a time in business in which every company simply just allocates a portion of its earnings upfront every quarter and pre-pays off large ransomware groups in advance. It’s just a universal cost of doing business and one that is fully sanctioned by the government because we’ve all just given up trying to prevent it and it’s more efficient just to pay the protection racket.

Imagine a world in which every other month you’re forced to bid for your personal data back from hackers who continuously rob you. And a world where all of this is so commonplace there are automated darknet marketplaces where others can bid on your data, and every detail of your personal life is up for sale to the highest bidder. Every private text, photo, email, and password is just a digital commodity to be traded on the market. Because that’s what the market demands and that’s what capitalism left unchecked will provide.

I don’t want to live in that world. Do you?