Will the global war on ransomware ever happen? Lip service to cyber security has brought us to this pass, and even with dark clouds visible all across the horizon, we are in ostrich mode, hiding our heads in the sand. The worldwide WannaCry attack of 2017 made the bad omen visible, yet nothing much seems to have changed. Cyber security has remained the number one national security threat for the US since 2014, and by extrapolation for the world. Can a world that is a mosaic of countries, each existing for a variety of reasons, ever possibly understand a threat of this nature and respond accordingly? We have seen this play out in the reaction to the pandemic by any number of countries, until it got the better of us, and we are still struggling with it.

The war on terror happens in fits and starts, depending on the country, political dispensation and the political climate. A country might initiate and some others follow suit. Even today we don’t have an acceptable definition of terrorism. To each his own. It is not taboo to align with those. It is realpolitik. Ransomware throws up a more complex scenario. Whatever its fate, and whatever structure and protocols emerge from it, the silver lining is that over 30 countries have pledged to fight ransomware attacks in a US-led global meeting. The US, the European Union and 30 other countries have understood the risk of ransomware and have decided to “harden the financial system from exploitation with the goal of disrupting the ecosystem.”

What does ransomware impact? The official release says it all. “From malign operations against local health providers that endanger patient care, to those directed at businesses that limit the ability to provide fuel, groceries, or other goods to the public, ransomware poses significant risk to critical infrastructure, essential services, public safety, consumer protection and privacy and economic superiority.” FinCEN has tied $5.2 billion worth of outgoing Bitcoin transactions to the 10 most commonly reported ransomware variants. In the first half of 2021 alone, ransomware-based financial activity is estimated to have channelled $590 million to the threat actors. The most commonly reported variants were REvil (aka Sodinokibi), Conti, Darkside, Avaddon, and Phobos.

This is only the reported and known or estimated part of the story; the reality throws up a doomsday scenario over and over again. On one side, cryptocurrencies have opened the floodgates of an unconventional war against the well-established financial system; on the other, ransomware is hitting at the heart of all businesses and critical infrastructure, including the financial one. Can we start with our first lessons of cyber hygiene to fight a big war: using strong passwords, securing accounts with multi-factor authentication, maintaining periodic offline data backups, keeping software up to date and offering training to prevent clicking suspicious links or opening untrusted documents? From there it moves to incident information sharing between victims, law enforcement and CERTs, and to improving mechanisms to respond effectively. Let these pious statements become the new weapons of war against ransomware.


Sanjay Sahay

