The author is a former director of MI6, Britain Secret Intelligence Service, and co-founder of Vega Cyber Associates
It’s easy to feel like you have nothing to do with dealing with a threat as amorphous and obviously as random as a ransom. But, like all cyber security problems, it is not as technically complex as a human problem. And that’s what people can deal with.
A recent special release of Colonial pipelines in the US and Irish health care system it should be arousing. Things are getting worse and worse because the incentives for this attack are strong and growing.
No silver bullet can solve this problem. But there are things that countries, organizations and individuals can do that, together, can persuade actors to use their undoubted skills elsewhere.
First, we must recognize that this is not just a criminal problem but also a national and political security. The people who conduct these online demonstrations want a place to live and to enjoy the results. It will not survive the realization of the general public that many who use the ransom do not have a “Russian diet”. The truth is that many are in Russia, and as long as they do not interfere with Russia’s interests, they will be left alone. President Vladimir Putin has said he does not believe he has the problem.
There is a long-standing connection between the Russian gang and the security forces. And while it is not true to blame the government for the threats, it is clear that the perpetrators would not be able to function as they would if the FSB’s home security forces sent them.
US President Joe Biden says the issue is crucial in their meeting with Putin next week. And that’s the way it should be. And he has to use carrots and a few sticks to bring out the realities of realpolitik to take the problem seriously.
I was impressed by the FBI’s success in finding a bitcoin wallet used by colonial robbers and confiscating a large portion of the ransom. The risks that have been rescued now are that using the potential of higher states is justified.
Violent trials like these should also be supported. As the head of the Secret Intelligence Service, I have personally witnessed the consequences of the non-payment of terrorists taken over by the UK and its intelligence partners. Such a process is often frustrating to use, but it is the right thing to do. Another option is to pay for what you try to avoid.
There is a reason to bring this process back to the ransom. Opponents question whether a ban on payment in a life-threatening environment would be appropriate for ethical reasons. He has a point. But a little ban, which allows for “emergency” payments, only encourages insurgents to do so. And that would be the worst of all the worlds.
If anyone admits that it has a national security problem, then it is difficult to defend the idea that governments should simply leave these elections to private citizens. As a first step, I think it should be legitimate to disclose payments in public and in detail. The attackers want to pay as an easy way out. We need to change this.
We should also look at insurance coverage and the risk of behavioral risk. Attackers often have access to insurance in advance and know how much they can get if they apply. However, insurers are now waiting to see proof of a good type of security before registering the business.
Then there is the question of cryptocurrency. It is understandable that this problem would not exist without crypto, which allows ransom to be paid in a way that keeps the recipients anonymous. This is not to say that to criticize money like this, which is clearly not going to be here. But I do recommend that you have strict rules for knowing your client and anti-money laundering laws that are relevant to the digital age.
Cryptorensets are impossible to follow: they are on the blockchain and are sometimes more accessible than cash. The challenge for law enforcement agencies is to determine the identity, or actual purpose, of the recipient or initiator. The good news is that modern data and analytics can be integrated in a way that allows for positive experiences to be distinguished from negative ones.
And then, deception. In most cases, the software that users use is based on written rules and test targets for intruders that help organizations to evaluate their performance at risk. While there are some important barriers, we need to use the means to obtain a counter-authorization and explore ways in which we can prevent the use of the legal code as required.
It follows that governments can and should do more but not enough to forgive their individuals and institutions. Much surprises are about getting the cyber security requirements right.
In the end, this is about human organization. Individually, they are easy to carry and intimidate. But all together, we are far from helpless. The attackers are bullies. And bullies come back, unless you threaten them, especially when you have them. If anything good is attacked by recent threats, the day of the event is imminent.
Source link
