Current:Home > InvestBiden Tells Putin To Crack Down On Ransomware. What Are The Odds He Will?-DB Wealth Institute B2 Reviews & Ratings
Biden Tells Putin To Crack Down On Ransomware. What Are The Odds He Will?
lotradecoin versus kraken comparison View Date:2024-12-25 15:39:36
If you want to extort millions of dollars from a large U.S. company, you can't do it alone. It takes a village. A village of hackers with advanced computer skills, who hang out on the Dark Web, and most likely live in Russia.
"Ransomware has become a huge business, and as in any business, in order to scale it, they're coming up with innovative models." said Dmitri Alperovitch, head of the technology group Silverado Policy Accelerator in Washington.
At Wednesday's summit in Geneva, President Biden called on Russian President Vladimir Putin to crackdown on cyber crimes. But the Russian leader has shown little interest in combatting an emerging criminal industry in his country that's called ransomware-as-a-service.
Three key actors in ransomware
Alperovitch said this model is its own ecosystem that includes three key players. The top tier is made up of small gangs that make the sophisticated malware that locks up the computer systems and encrypts the data at targeted companies.
More than a hundred such groups are believed to be active, though Alperovitch estimates about a dozen are doing this on a large scale. Russia and neighboring countries account for many of the gangs, he said. The best known include DarkSide, blamed for the attack on Colonial Pipeline, and REvil, accused in the hack of the meat supplier JBS.
But, he added, "The people that are building the software are not actually the ones, most of the time, that are going to use it. They're going to recruit others."
Wendi Whitmore, a senior vice president at the cybersecurity firm Palo Alto Networks, said these malware makers figured out it's more lucrative to disseminate their crippling software through a second key group, known as "affiliates."
"What they're doing is outsourcing parts of the supply chain, and then giving these (affiliates) that they work with a cut of the profits," she said.
"Affiliates" carry out the attack
The affiliates do much of the actual work. They launch the malware attack, demand the ransom, negotiate with the victimized company, and collect the money, almost always in a cryptocurrency like Bitcoin.
As a result, the affiliates usually keep most of the money, often 75 percent or more.
Still, the affiliates can't unleash these strikes until they first gain access to a company's computer network.
This brings us to the third key group — the old-fashioned hackers, or access brokers, who find a way in. If you need these guys, you'll find them on the Dark Web.
"You go into the underground forums and there's this whole category of threat actors we call an access broker," said Adam Meyers, senior vice president for intelligence at the cyberdefense firm CrowdStrike. "And what they do all day is hacking into different businesses. And then they advertise that access. You want say, company X, it's four thousand dollars."
A small price to pay if that access then leads to a multi-million dollar ransom.
Criminals trusting criminals
Of course, all these relationships require a lot of trust among criminals hiding behind online pseudonyms.
"How do you trust someone who is fundamentally untrustworthy, who is fundamentally a thief?" said Alperovitch.
"It's very difficult to get into these criminal forums. You kind of have to prove that you're a criminal by committing some act of cybercrime," he added. "They validate that you're not law enforcement. That's been a huge problem for them in the past."
Another potential pitfall is success — or more precisely — too much of it.
Ransomware groups that repeatedly pull off big heists quickly develop a reputation. While the hackers may be protected by living in a country like Russia, they still draw attention from Western cybersecurity companies and law enforcement.
These successful groups sometimes disband temporarily and lay low — only to later resurface later under a different name.
"It may be a new group, and a new team with a new coach, but they've got very capable team members," said Wendi Whitmore.
In a new report on the costs of ransomware, the firm Cybereason found that the costs of recovering from an attack often far exceed the ransom payment itself.
A survey found that even when the hackers provided a "key" to unlock data following a ransom payment, information was corrupted in nearly nearly half the cases. Also, about two-thirds of companies reported significant drops in revenue following an attack.
Biden's warning
At Wednesday's summit, Biden said he would respond if the U.S. continues to be hit, especially in a critical industry, like energy supplies of the water system.
"Responsible countries need to take action against criminals who conduct ransomware activities on their territory," Biden said at a news conference immediately following the summit.
Russian hackers already take precautions not to hit organizations in their homeland or in friendly countries. Putin could tell Russian hackers to cut out the attacks on the U.S. if he wants to, said Alperovitch.
"They're not part of his inner circle. They're not generating any significant revenue for the Russian state," Alperovitch noted. "So this is the one issue that, if pressed on, Putin can actually give on, and and we can get some concessions."
So will he? Biden said he expects the answer to be clear within a few months.
Greg Myre is an NPR national security correspondent. Follow him @gregmyre1.
veryGood! (9)
Related
- Streamer stayed awake for 12 days straight to break a world record that doesn't exist
- Shooting kills 3 teenagers and wounds another person in South Carolina
- UN rights experts decry war crimes by Russia in Ukraine and look into genocide allegations
- How El Nino will affect the US this winter
- Stuffed or real? Photos show groundhog stuck inside claw machine
- Kyle Richards Addresses Paris Trip With Morgan Wade After Shooting Down Romance Rumors
- With a government shutdown just days away, Congress is moving into crisis mode
- Costco partners with Sesame to offer members $29 virtual health visits
- Sofía Vergara Responds After Joe Manganiello Says Her Reason for Divorce Is “Not True”
- Keeping it 100: As Braves again surpass wins milestone, Atlanta's team cohesion unmatched
Ranking
- Red Cross blood inventory plummets 25% in July, impacted by heat and record low donations
- California governor signs law barring schoolbook bans based on racial, gender teachings
- Your Ultimate Guide to Pimple Patches
- Powerball jackpot rises to estimated $785 million after no winning tickets sold for Saturday's drawing
- Collin Gosselin claims he was discharged from Marines due to institutionalization by mom Kate
- In new effort to reset flu shot expectations, CDC to avoid messages that could be seen as a scare tactic
- Pennsylvania state trooper charged with using job to apprehend, forcibly commit ex-girlfriend
- 5 Bulgarians charged with spying for Russia appear by video in UK court
Recommendation
-
Ranking MLB jersey advertisements: Whose patch is least offensive?
-
First Black female NYPD police surgeon sworn in
-
Pakistani raid on a militant hideout near Afghanistan leaves 3 militants dead, the military says
-
Bruce Willis’ Wife Emma Heming Shares Update on Actor After Dementia Diagnosis
-
Alabama Supreme Court authorizes third nitrogen gas execution
-
Why many business owners would love it if you stopped using your credit card
-
Pennsylvania state trooper charged with using job to apprehend, forcibly commit ex-girlfriend
-
Trump campaigns in South Carolina after a weekend spent issuing threats and leveling treason claims