Ransomware continues to cause damage across the world. Rarely a week goes by without another company, or city, or hospital, falling prey to the gangs who will encrypt the data across PCs and networks and demand thousands or millions in exchange for setting it free.
These aren’t victimless crimes; every successful attack means a company facing huge costs and risking being pushed out of business, or public services disrupted just when we need them, or medical services put in jeopardy in the middle of a crisis.
And yet it seems impossible to stop the attacks or catch the gangs. That’s because the ongoing success of ransomware reflects many of the real world failings of technology which we often forget or gloss over.
There are obvious, fundamental weaknesses that ransomware exploits. In some cases these are problems that have existed for years, that the tech industry has failed to address; others are issues that are, right now, beyond the skills of smartest entrepreneurs to tackle right.
A few examples spring to mind. Hackers would be unable to gain even their first foothold if companies took security seriously. That means applying patches to vulnerable software when they are issued, not months or years later (or never). Equally, companies wouldn’t be on the tedious treadmill of applying constant security updates if the tech industry shipped software code that was secure in the first place.
And while we tend to think of the borderless world of the internet, the real world of geopolitics looms large when it comes to ransomware as many of these gangs operate from countries which have no interest in catching such crooks or handing them over to police in other jurisdictions. In some cases that’s because the ransomware gangs are bringing in much needed funds for the country; in other cases so long as the gangs aren’t going after local victims, the authorities are quietly happy for them to create havoc elsewhere.
It’s not all doom and gloom; the fight back against ransomware is advancing on a few fronts.
Intel has showcased some new hardware-level technologies which it says will be able to detect a ransomware attack that antivirus alone might miss.
A group of tech companies including Microsoft,Citrix and FireEye are working on a three month project to come up with options which they promise will “significantly mitigate” the ransomware threat by identifying different ways of stopping such attacks. And more political pressure should be put on the states that are happy to let ransomware gangs flourish within their borders.
And there is also a need to put more pressure on governments to look at whether and in what circumstances it should be acceptable to pay the ransom at all. Profit is the only reason that ransomware exists; if it is possible to stop the gangs from making their big payday then the problem goes away almost immediately.
Everyone seems to agree that ransomware is a menace that can no longer be ignored. Now we need to see some tangible progress before these attacks create more chaos.