Current:Home > NewsBiden Tells Putin To Crack Down On Ransomware. What Are The Odds He Will?-Angel Dreamer Wealth Society D1 Reviews & Insights
Biden Tells Putin To Crack Down On Ransomware. What Are The Odds He Will?
View Date:2024-12-24 07:52:00
If you want to extort millions of dollars from a large U.S. company, you can't do it alone. It takes a village. A village of hackers with advanced computer skills, who hang out on the Dark Web, and most likely live in Russia.
"Ransomware has become a huge business, and as in any business, in order to scale it, they're coming up with innovative models." said Dmitri Alperovitch, head of the technology group Silverado Policy Accelerator in Washington.
At Wednesday's summit in Geneva, President Biden called on Russian President Vladimir Putin to crackdown on cyber crimes. But the Russian leader has shown little interest in combatting an emerging criminal industry in his country that's called ransomware-as-a-service.
Three key actors in ransomware
Alperovitch said this model is its own ecosystem that includes three key players. The top tier is made up of small gangs that make the sophisticated malware that locks up the computer systems and encrypts the data at targeted companies.
More than a hundred such groups are believed to be active, though Alperovitch estimates about a dozen are doing this on a large scale. Russia and neighboring countries account for many of the gangs, he said. The best known include DarkSide, blamed for the attack on Colonial Pipeline, and REvil, accused in the hack of the meat supplier JBS.
But, he added, "The people that are building the software are not actually the ones, most of the time, that are going to use it. They're going to recruit others."
Wendi Whitmore, a senior vice president at the cybersecurity firm Palo Alto Networks, said these malware makers figured out it's more lucrative to disseminate their crippling software through a second key group, known as "affiliates."
"What they're doing is outsourcing parts of the supply chain, and then giving these (affiliates) that they work with a cut of the profits," she said.
"Affiliates" carry out the attack
The affiliates do much of the actual work. They launch the malware attack, demand the ransom, negotiate with the victimized company, and collect the money, almost always in a cryptocurrency like Bitcoin.
As a result, the affiliates usually keep most of the money, often 75 percent or more.
Still, the affiliates can't unleash these strikes until they first gain access to a company's computer network.
This brings us to the third key group — the old-fashioned hackers, or access brokers, who find a way in. If you need these guys, you'll find them on the Dark Web.
"You go into the underground forums and there's this whole category of threat actors we call an access broker," said Adam Meyers, senior vice president for intelligence at the cyberdefense firm CrowdStrike. "And what they do all day is hacking into different businesses. And then they advertise that access. You want say, company X, it's four thousand dollars."
A small price to pay if that access then leads to a multi-million dollar ransom.
Criminals trusting criminals
Of course, all these relationships require a lot of trust among criminals hiding behind online pseudonyms.
"How do you trust someone who is fundamentally untrustworthy, who is fundamentally a thief?" said Alperovitch.
"It's very difficult to get into these criminal forums. You kind of have to prove that you're a criminal by committing some act of cybercrime," he added. "They validate that you're not law enforcement. That's been a huge problem for them in the past."
Another potential pitfall is success — or more precisely — too much of it.
Ransomware groups that repeatedly pull off big heists quickly develop a reputation. While the hackers may be protected by living in a country like Russia, they still draw attention from Western cybersecurity companies and law enforcement.
These successful groups sometimes disband temporarily and lay low — only to later resurface later under a different name.
"It may be a new group, and a new team with a new coach, but they've got very capable team members," said Wendi Whitmore.
In a new report on the costs of ransomware, the firm Cybereason found that the costs of recovering from an attack often far exceed the ransom payment itself.
A survey found that even when the hackers provided a "key" to unlock data following a ransom payment, information was corrupted in nearly nearly half the cases. Also, about two-thirds of companies reported significant drops in revenue following an attack.
Biden's warning
At Wednesday's summit, Biden said he would respond if the U.S. continues to be hit, especially in a critical industry, like energy supplies of the water system.
"Responsible countries need to take action against criminals who conduct ransomware activities on their territory," Biden said at a news conference immediately following the summit.
Russian hackers already take precautions not to hit organizations in their homeland or in friendly countries. Putin could tell Russian hackers to cut out the attacks on the U.S. if he wants to, said Alperovitch.
"They're not part of his inner circle. They're not generating any significant revenue for the Russian state," Alperovitch noted. "So this is the one issue that, if pressed on, Putin can actually give on, and and we can get some concessions."
So will he? Biden said he expects the answer to be clear within a few months.
Greg Myre is an NPR national security correspondent. Follow him @gregmyre1.
veryGood! (559)
Related
- All the Ways Megan Fox Hinted at Her Pregnancy With Machine Gun Kelly
- Olivia Munn Randomly Drug Tests John Mulaney After Mini-Intervention
- Britney Spears reunites with son Jayden, 18, after kids moved in with dad Kevin Federline
- Mike Tyson vs. Jake Paul referee handled one of YouTuber's biggest fights
- Bodyless head washes ashore on a South Florida beach
- 13 escaped monkeys still on the loose in South Carolina after 30 were recaptured
- A herniated disc is painful, debilitating. How to get relief.
- What are the best financial advising companies? Help USA TODAY rank the top U.S. firms
- Tony Todd, star of 'Candyman,' 'Final Destination,' dies at 69
- Lululemon, Disney partner for 34-piece collection and campaign: 'A dream collaboration'
Ranking
- New Mexico secretary of state says she’s experiencing harassment after the election
- What are the best financial advising companies? Help USA TODAY rank the top U.S. firms
- Mississippi man charged with shooting 5 people after not being allowed into party
- Ex-Duke star Kyle Singler draws concern from basketball world over cryptic Instagram post
- Mason Bates’ Met-bound opera ‘Kavalier & Clay’ based on Michael Chabon novel premieres in Indiana
- Gigi Hadid and Bradley Cooper Prove They're Going Strong With Twinning Looks on NYC Date
- Parts of Southern California under quarantine over oriental fruit fly infestation
- Wreck of Navy destroyer USS Edsall known as 'the dancing mouse' found 80 years after sinking
Recommendation
-
Wind-whipped wildfire near Reno prompts evacuations but rain begins falling as crews arrive
-
Beyoncé course coming to Yale University to examine her legacy
-
Driver dies after crashing on hurricane-damaged highway in North Carolina
-
Kentucky officer reprimanded for firing non-lethal rounds in 2020 protests under investigation again
-
Denver district attorney is investigating the leak of voting passwords in Colorado
-
Why Outer Banks Fans Think Costars Rudy Pankow and Madison Bailey Used Stunt Doubles Amid Rumored Rift
-
Arkansas governor unveils $102 million plan to update state employee pay plan
-
Skai Jackson announces pregnancy with first child: 'My heart is so full!'