The Cybersecurity 202: Russia’s the capital of ransomware but it’s not the only player
Is China primed to become a global hot spot for ransomware and other cybercrimes?
That question was sparked by a White House statement this week accusing Beijing’s Ministry of State Security of contracting with criminal gangs for some of its hacking work and turning a blind eye to their cybercrimes for profit.
Among the cybercrimes were ransomware attacks, including one that locked up computers at a U.S. company. The hackers demanded millions of dollars to unlock the computers, a senior administration official said. The accusations came as part of a broader international condemnation of Chinese government hacking mostly tied to a breach of Microsoft email servers.
The accusations highlight how ransomware – which has become nearly synonymous with Russia following a string of high-profile attacks – is actually a far more global problem.
They also underscore a difficult truth: Even if Russian President Vladimir Putin accedes to President Biden’s demands that he dramatically clamp down on ransomware gangs operating out of Russian territory, the threat could migrate elsewhere – propelled by the multimillion-dollar payouts those gangs are demanding.
“This is going to be broader than just Biden putting pressure on Putin to stop ransomware. That’s not going to stop this altogether,” Katie Nickels, director of intelligence at the cybersecurity firm Red Canary, told me.
“Ransomware is so massively profitable that if Russia becomes hostile territory, we’d start to see operators in Brazil or North Korea or elsewhere,” Brett Callow, a threat analyst at the cybersecurity firm Emsisoft, told me.
Source: Washington Post