(Reuters) – A ransomware attack on top U.S. fuel pipeline operator Colonial Pipeline has brought attention to the growing area of cybercrime.
The following are some details on ransomware and the issues around it:
What is ransomware?
- Ransom software works by encrypting victims’ data; typically hackers will offer the victim a key in return for cryptocurrency payments that can run into the hundreds of thousands or even millions of dollars. If the victim resists, hackers are increasingly threatening to leak confidential data in a bid to pile on the pressure.
The ransomware group DarkSide suspected by U.S. authorities of the Colonial Pipeline attack, said in an unusual statement that it wanted to make money but did not say how much https://www.reuters.com/business/energy/statement-suspected-us-pipeline-hackers-say-they-dont-want-cause-problems-2021-05-10.
How widespread is it?
- Ransomware gangs collected almost $350 million last year, up threefold from 2019, according to members of a public-private group called the Ransomware Task Force. While the magnitude of the DarkSide breach is significant, other kinds of attacks have arguably been more destructive. In 2017 the so-called WannaCry cyberattack crippled hospitals, banks and other companies across the globe. The U.S. government https://www.reuters.com/article/us-usa-cyber-northkorea/u-s-blames-north-korea-for-wannacry-cyber-attack-idUSKBN1ED00Q said the attack cost billions and blamed North Korea. NotPetya malware, which struck Ukraine the same year but also did damage worldwide, similarly racked up billions in costs.
What is being done to stop it?
- In April the U.S. Department of Justice established a government group on ransomware. Central bank regulators and financial crime investigators worldwide are also debating if and how cryptocurrencies, which are used to pay the ransoms, should be regulated.
What was the last major attack on U.S. infrastructure?
- In October 2020 Eastern European criminals targeted dozens of U.S. hospitals with ransomware, including in Oregon, California and New York. The FBI and Homeland Security officials subsequently led a conference for hospital administrators and cybersecurity experts.
What can be done to stop ransomware?
- Criminals using ransomware to extort money don’t always use the most sophisticated methods. Biden administration official Anne Neuberger said, for example, that the DarkSide ransomware was a “known variant” and said some breaches can be thwarted by making sure computer networks have installed up-to- date patches.
(Compiled by Chris Sanders; editing by Grant McCool)