Thursday, 21 October, 2021

Tackling Ransomware Pandemic

Md. Farooque Hossain


In the past, kidnappers holding their prey, such as individuals, buildings, airports and airplanes, at gunpoint for ransom were a common scene in trashy old thriller movies. These days, the trend seems to be taking hold in the virtual world, where it is euphemistically termed ‘ransomware’ in tech jargon. Unlike earlier days, when muscle power played a larger part in committing such illegal actions, most activities in cyberspace today have little to do with the use of force. They are much like an intelligence contest: an effort to realise undue financial demands, steal state or company secrets and exploit them for relative advantage. But the scale, speed and ease with which that contest can now play out are surprising. In fact, the pattern of ransomware has become more global and has impinged on a wider range of industries. To make matters worse, workers logging in from home during the pandemic have almost certainly added to the risks.

In recent times, incidents of cybercriminals taking companies hostage worldwide have been more frequent than ever. On May 7th, cyber-criminals shut down the pipeline supplying almost half the oil to America’s east coast for five days. To resume the supply, they demanded a $4.3m ransom from Colonial Pipeline Company, the owner. Buckling under the situation, the company had to cough up over $4m as ransom; even so, it took several days for the oil to start flowing again.

Days later, the Health Service Executive (HSE), the state-funded healthcare provider in Ireland, was hit by a ransomware attack which led it to shut down most of its computer systems. The attackers threatened to reveal stolen data, including confidential patient records, unless the HSE stumped up $20m. On July 3, supermarket giant Coop was forced to close some 500 stores in Sweden due to a colossal cyber-attack that was affecting organisations around the world at that time.

The stories above are in some ways par for the course. Trillions of dollars are at stake as more and more enterprises are being plagued by the ransomware menace, and some of the targets are giants. In recent months, attackers have struck JBS, the world’s biggest meat producer, and even the tech goliath Apple has not been spared.

According to a survey by London Business School, cyber-risk has more than quadrupled since 2002 and tripled since 2013. The maiden attempt at ransomware was made in 1989, with a virus spread via 1.44MB floppy disks. With information technology advancing at breakneck speed, and computers being built into cars, houses and factories to create an industrial ‘internet of things’ (IoT), modes of attack in cyberspace have shifted markedly and grown more sophisticated, since more and more devices are connected to and reliant on a network for running day-to-day business activities. As a result, cybercrime is also going from bad to worse.

A cloud of secrecy and stigma surrounding cyber-attacks aggravates the situation. Firms often gloss over any cyber incidents for fear of damaging their reputations. Many of them neglect the basics, such as two-step authentication. Most companies are not as interested in investing in security measures as they are in other areas. Consequently, experts’ recommendations on staving off cyber-attacks on companies’ networks largely fall by the wayside. Added to this, geopolitics has become more fluid in recent times, so that one country’s state agencies are often seen to be complicit in the illegal actions of cyber-criminal gangs to take revenge on another country. This permissive attitude towards cybercrime is plain to see among the nations that are regarded as superpowers, racing to be the so-called global power or to be militarily stronger. They do not even hesitate to give sanctuary to cyber-bandits.

Needless to say, over the years, financial industries have been a growing target of cybercrime. Nowadays, bank robbers prefer laptops to balaclavas. So, the financial regulators have every reason to be worried about the entire banking system collapsing. But then, other sectors which have vulnerable physical nodes, such as oil pipelines, power plants, hospitals and air traffic control systems, are no less susceptible. Any disruption to the systems of these vital organisations stemming from a cyber breach could bring economic or service activities to a grinding halt. Not only that, the more the digital world is beset by insecurity, the more people will shy away from it and the more potential gains will be lost. So, cybercrime insidiously affects the digitisation of industries across the board, setting back a revolution that promises to improve living standards around the world.

Cyber-insecurity is an intractable problem that obscures the boundaries between state and private actors and between geopolitics and crime. Therefore, facing up to it is often tough, if not impossible. As already stated, basic two-step verification can minimise the risk. Regularly scanning for vulnerabilities, patching them in a timely manner and making sure people and organisations update their software are imperative. Adequate investment in software, hardware and manpower with the know-how needed to act forthwith in the case of any security breach can work wonders here.

Bad guys who hold a company's network hostage easily get away with ransom money, usually paid in cryptocurrency. So, making the encashment of cryptocurrency traceable with recipient details could be a deterrent to such acts to some extent. Countries that boast of being the global power should get down off their high horses and make bona fide efforts to bury the hatchet and address geopolitical issues. This could help uncover the origin of an attack and expose the cyber-invaders, and eventually bring them to book. Last but not least, we know the attack vector is generally a phishing email sent by hackers to deliver ransomware. So, the simple but crucial trick of never opening unknown URLs or files can help keep ransomware at bay.


The writer is an associate engineer at Thakral Information Systems Pvt. Ltd.