How should governments effectively blunt the growth of ransomware? There is a path, but it does not involve outlawing cryptocurrency!
I see many government politicians positioning a ban of cryptocurrency as a solution for ransomware. That would simply not work. It would create an obstacle for cybercriminals, but one they would pursue to overcome. At most, it would be a temporary setback for cybercriminals.
In this week’s video, I discuss how governments can manœuvre to stop the ransomware epidemic. We must undermine the motivation of attackers by outlawing payment of digital extortion. Taking away the likely benefits of ransomware attacks is the only way to success.
Ransomware is the scourge of the digital world at the moment. Individuals, business large-and-small, and governments across the globe are being impacted.
Ransomware cybercriminal attackers infect a victim’s computer and modify the files in a way that they are not accessible to rightful users.
Mostly this is done by encrypting them.
Then they extort the victims to get the key to unlock the files. The price can be a few hundred dollars and range into the tens of millions. The average is around $100k for businesses. The current preferred method of payment is cryptocurrency.
The latest ransomware tactic is for the attacker to also steal the data and threaten to make it public if they are not paid.
Sadly, many individuals, organizations, and even government agencies are paying the criminals. Often cyber insurance policies are used to cover the extortion costs. About 40% of all cyber insurance claims are related to ransomware.
Any payment to the criminals only reinforces the bad behaviors and adds to the global problem. When the attackers get what they want, the continue to pursue victims. The world of ransomware is now swelling out of control and exceeds $20 billion per year. I believe that is a conservative estimate, as ransomware is often not reported.
There is a move that governments can make, which will greatly undermine ransomware attacks, both at a local and international levels. I discuss this idea in this week's Cybersecurity Insights video and break down why it would be so effective.
We must stop vilifying technology and start addressing the root of the problem.
Interested in more cybersecurity insights, rants, and strategic viewpoints?
Follow me on:
Matthew Rosenquist is an industry-recognized pragmatic, passionate, and innovative strategic security expert with 28 years of experience. He thrives in challenging cybersecurity environments and in the face of ever shifting threats. A leader in identifying opportunities, driving industry change, and building mature security organizations, Matthew delivers capabilities for sustainable security postures. He has experience in protecting billions of dollars of corporate assets, consulting across industry verticals, understanding current and emerging risks, communicating opportunities, forging internal cooperation and executive buy-in, and developing practical strategies. Matthew is a trusted advisor, security expert, and evangelist for academia, businesses, and governments around the world. A public advocate for best-practices, and communicating the risks and opportunities emerging in cybersecurity. He delivers engaging keynotes, speeches, interviews, and consulting sessions at conferences and to audiences around the globe. He has attracted a large social following of security peers, is an active member on advisory boards, and quoted in news, magazines, and books. Matthew is a recognized industry expert, speaker, and leader who enjoys the pursuit of achieving optimal cybersecurity. Matthew Rosenquist is experienced in building world class teams and capabilities, managing security operations, evangelizing best-practices to the market, developing security products, and improving corporate security services.