“It’s clear that ransomware attacks are on the rise,” Matthew Prince, CEO of Cloudflare, tells TechCrunch. “In September 2022, nearly one in every four respondents to our customer survey reported receiving a ransomware attack or threat, the highest month so far of 2022.”

2022 hasn’t just been the worst year for ransomware attacks statistically, it has also just been… the worst. While hackers last year focused on critical infrastructure and financial services, this year’s focus has been on organizations where they can inflict the most damage.

These attacks don’t just demonstrate that ransomware is worsening. They also show that ransomware is a global problem and that global action is needed to fight back successfully. Earlier in November, the U.S. government started to take strides in the right direction, announcing that it will establish an International Counter Ransomware Task Force, or ICRTF, to promote information and capability sharing.

“This is a global issue, so governments need to come together,” Camellia Chan, CEO and founder at cybersecurity firm X-PHY tells TechCrunch. “That said, collaboration alone won’t provide a solution. It’s more than signing an agreement.”

Fuel tanks are seen at Colonial Pipeline Baltimore Delivery in Baltimore, Maryland on May 10, 2021. The U.S. government declared a regional emergency on May 9, 2021 as the largest U.S. fuel pipeline system remained largely shut down, two days after a ransomware attack. Image Credits: Jim Watson / AFP via Getty Images.

This is a viewpoint shared among the cybersecurity community: Signing agreements and sharing intelligence is all well and good, but it’s unlikely to deter financially motivated cybercriminals that continue to reap the rewards of these attacks.

To gain ground on cybercriminals that continue to achieve a high rate of success, governments need a fresh approach.

“You can’t arrest your way out of the problem,” Morgan Wright, chief security advisor at SentinelOne, tells TechCrunch. “There are numerous examples of both transnational criminal ransomware actors and nation-state actors being identified and indicted for various crimes. These offenders almost always live in countries with no extradition treaty with the country that has issued the indictments.”

“One area I would like to see an increased effort is in the area of human collection of intelligence,” Wright added. “We need more penetration of state actors and criminal organizations. Too often, ransomware is viewed as a technical issue. It’s not. It’s human greed that uses technology to achieve an end goal.”

“This includes using regulatory pressure on the cryptocurrency market to make tracking and recouping ransomware payments easier,” Kolasky tells TechCrunch, a view shared by others.

“We need governments to take a bigger role in blocking cryptocurrencies, which is the enabler of attacker monetization strategies,” David Warburton, director of networking company F5 Labs, agrees, telling TechCrunch: “While decentralized currencies, such as bitcoin, aren’t inherently bad, nor solely responsible for the ransomware epidemic we’re facing, there’s no denying they are a huge factor.”

“While control and regulation somewhat defeat the original intent of decentralized currencies, there’s no escaping the fact that without Bitcoin, ransomware simply wouldn’t exist,” said Warburton.

But legislation wouldn’t work unless it’s a global effort, he said: “Many ransomware groups operate from countries which have no motivation to help those that are being targeted.”

This is a problem that, like ransomware itself, has been worsened by Russia’s invasion of Ukraine, which has ended any cooperation between Europe, the U.S. and Russia on ransomware operations inside Russia. Jason Steer, chief information security officer at threat intelligence giant Recorded Future, said that this is an area that immediately needs more global government support.

“The focus has significantly dropped off in 2022 due to Russia’s activities, where in fact many groups operate safely from,” said Steer.

Even if governments joined forces to collaboratively fight the growing ransomware problem, it’s unlikely to have any immediate effect. Security experts expect no respite from ransomware as we enter 2023 as increasingly savvy hackers exploit new attack vectors and continue to reap the financial rewards.

“There are governments that are working to provide more support and resources. But it will never be enough,” says Wright. “Bad actors will always have the advantage, but we should make them pay in a significant way every time an attack is launched.”

Ransomware is a global problem that needs a global solution by Carly Page originally published on TechCrunch

source