The former US government’s head of cybersecurity has called on the military to target organized criminal gangs of hackers who launch ransom demand attacks on businesses and governments.
(Chris Krebs), former head of the US Cybersecurity and Infrastructure Security Agency, said: For a newspaper Financial Times: The country needs to be more aggressive in responding to hackers who demand ransom by encrypting data systems and demanding fees to unblock them.
He suggested that the cyber military attackers try to deter hackers who use ransomware by spreading private details, a tactic known as Doxing.
“You have to go after the bad guys, and I’m not just talking about law enforcement,” Krebs said in an interview with the Financial Times.
Krebs’ comments clash with traditional thinking in the cybersecurity enterprise, where experts tend to warn companies about ransomware piracy, given that it can be difficult to determine which opponent they are dealing with or the extent of their capabilities.
Ransomware attacks have become increasingly common in recent years as criminals have taken advantage of the widespread use of cryptocurrencies, such as Bitcoin, to collect payments without being tracked.
The shift to remote work during the pandemic has made companies more vulnerable to attacks, and the practice is becoming more and more common.
This is partly due to the evolution of the ransomware as a service market, where hackers lease their expertise to criminals who don’t have the required programming skills needed to launch an attack.
The number of attacks increased by nearly 40 percent in the first three quarters of 2020 compared to the same period in 2019, from 142 million to 200 million, according to data from data security firm SonicWall.
Meanwhile, average ransom payments more than doubled from $ 84,000 in the fourth quarter of 2019 to nearly $ 234,000 in the third quarter of 2020, according to an analysis by Atlas VPN, a virtual private network service.
As a former head of the US Cybersecurity and Infrastructure Security Agency, Cripps was responsible for monitoring online threats from foreign countries.
He was sacked by then-President Donald Trump before it became clear that suspected Russian hackers had infiltrated the systems of several US companies and government departments in one of the most widespread attacks in recent years.
Krebs is now helping deal with the fallout from that attack as an advisor to SolarWinds, the technology company whose software has been compromised.
Large-scale state-supported breaches are now less threatening than large-scale ransomware attacks by criminals, Krebs said.
In recent years, US state and municipal governments have increasingly come under ransom attacks, with Atlanta targeted, while Baltimore has been attacked twice in two years.
“We have to have a broader set of tools to stop these things, because they are systematically undermining the ability of the state and local governments to deliver services.”