"
data-check-event-based-preview=""
data-is-vertical-video-embed="false"
data-network-id=""
data-publish-date="2022-03-22T21:58:40Z"
data-video-section="business"
data-canonical-url="https://www.cnn.com/videos/business/2022/03/22/cybersecurity-ceo-cyberattacks-russia-ukraine-invasion-qmb-vpx.cnnbusiness"
data-branding-key=""
data-video-slug="cybersecurity ceo cyberattacks russia ukraine invasion qmb vpx"
data-first-publish-slug="cybersecurity ceo cyberattacks russia ukraine invasion qmb vpx"
data-video-tags="business and industry sectors,business, economy and trade,computer science and information technology,continents and regions,crime, law enforcement and corrections,criminal offenses,cyber attacks,digital crime,digital security,eastern europe,embargoes and sanctions,europe,international relations,international relations and national security,malware,russia,russia-ukraine conflict,software and applications,technology,ukraine,unrest, conflicts and war"
data-details="">
Video Ad Feedback
Cybersecurity CEO: 'More targeted ransomware attacks' by Russia coming
"
data-check-event-based-preview=""
data-is-vertical-video-embed="false"
data-network-id=""
data-publish-date="2022-03-22T21:58:40Z"
data-video-section="business"
data-canonical-url="https://www.cnn.com/videos/business/2022/03/22/cybersecurity-ceo-cyberattacks-russia-ukraine-invasion-qmb-vpx.cnnbusiness"
data-branding-key=""
data-video-slug="cybersecurity ceo cyberattacks russia ukraine invasion qmb vpx"
data-first-publish-slug="cybersecurity ceo cyberattacks russia ukraine invasion qmb vpx"
data-video-tags="business and industry sectors,business, economy and trade,computer science and information technology,continents and regions,crime, law enforcement and corrections,criminal offenses,cyber attacks,digital crime,digital security,eastern europe,embargoes and sanctions,europe,international relations,international relations and national security,malware,russia,russia-ukraine conflict,software and applications,technology,ukraine,unrest, conflicts and war"
data-details="">
Video Ad Feedback
Cybersecurity CEO: 'More targeted ransomware attacks' by Russia coming
"
data-check-event-based-preview=""
data-is-vertical-video-embed="false"
data-network-id=""
data-publish-date="2021-12-14T20:51:21Z"
data-video-section="business"
data-canonical-url="https://www.cnn.com/videos/tech/2021/12/14/us-cyber-warning-software-vulnerability-marquardt-nr-vpx.cnn"
data-branding-key=""
data-video-slug="us cyber warning software vulnerability marquardt nr vpx"
data-first-publish-slug="us cyber warning software vulnerability marquardt nr vpx"
data-video-tags="business and industry sectors,business, economy and trade,computer science and information technology,crime, law enforcement and corrections,criminal offenses,cyberterrorism,digital crime,digital security,international relations and national security,national security,software and applications,technology,terrorism,terrorism and counter-terrorism,unrest, conflicts and war"
data-details="">
Video Ad Feedback
How your device could be at risk of 'one of the most serious' cyber security threats
"
data-check-event-based-preview=""
data-is-vertical-video-embed="false"
data-network-id=""
data-publish-date="2021-08-03T17:51:30Z"
data-video-section="business"
data-canonical-url="https://www.cnn.com/videos/business/2021/08/03/solarwinds-ceo-cybersecurity-hacks.cnnbusinesss"
data-branding-key="the-chat-with-julia-chatterley"
data-video-slug="solarwinds ceo cybersecurity hacks"
data-first-publish-slug="solarwinds ceo cybersecurity hacks"
data-video-tags="celebrities,companies,crime, law enforcement and corrections,criminal offenses,cyberterrorism,digital crime,digital security,international relations and national security,julia chatterley,national security,solarwinds,technology,terrorism,terrorism and counter-terrorism,unrest, conflicts and war"
data-details="">
Video Ad Feedback
SolarWinds CEO: Cyber threats need community vigilance
"
data-check-event-based-preview=""
data-is-vertical-video-embed="false"
data-network-id=""
data-publish-date="2021-06-10T14:21:09Z"
data-video-section="business"
data-canonical-url="https://www.cnn.com/videos/business/2021/06/10/fireeye-ceo-cybersecurity-ransomware.cnnbusiness"
data-branding-key="the-chat-with-julia-chatterley"
data-video-slug="fireeye ceo cybersecurity ransomware"
data-first-publish-slug="fireeye ceo cybersecurity ransomware"
data-video-tags="business executives,business, economy and trade,companies,compensation and benefits,crime, law enforcement and corrections,criminal offenses,currencies,digital crime,digital currencies,economy and economic indicators,executive pay,fireeye,labor and employment,money, banknotes and coins,technology,workers and professionals"
data-details="">
"
data-check-event-based-preview=""
data-is-vertical-video-embed="false"
data-network-id=""
data-publish-date="2021-06-03T22:01:48Z"
data-video-section="business"
data-canonical-url="https://www.cnn.com/videos/business/2021/06/03/companies-ransomware-white-house-marquardt-dnt-vpx.cnn"
data-branding-key=""
data-video-slug="companies ransomware white house marquardt dnt vpx"
data-first-publish-slug="companies ransomware white house marquardt dnt vpx"
data-video-tags="business and industry sectors,business, economy and trade,computer science and information technology,continents and regions,crime, law enforcement and corrections,criminal offenses,digital crime,digital security,eastern europe,europe,food and beverage industry,food production industry,government and public administration,government bodies and offices,malware,politics,russia,software and applications,technology,us federal government,white house"
data-details="">
Video Ad Feedback
White House urges companies to take cyberattack threat more seriously
"
data-check-event-based-preview=""
data-is-vertical-video-embed="false"
data-network-id=""
data-publish-date="2021-05-11T15:04:18Z"
data-video-section="business"
data-canonical-url="https://www.cnn.com/videos/business/2021/05/11/ibm-ceo-cybersecurity.cnnbusiness"
data-branding-key="the-chat-with-julia-chatterley"
data-video-slug="ibm ceo cybersecurity"
data-first-publish-slug="ibm ceo cybersecurity"
data-video-tags="companies,government organizations - us,ibm,nasa,space and astronomy,us federal departments and agencies,us government independent agencies"
data-details="">
Video Ad Feedback
IBM CEO: Cybersecurity needs to be a collective effort led by government
"
data-check-event-based-preview=""
data-is-vertical-video-embed="false"
data-network-id=""
data-publish-date="2020-03-13T12:12:56Z"
data-video-section="business"
data-canonical-url="https://www.cnn.com/videos/business/2020/03/12/sim-swap-hacker-stole-one-million-sg-orig.cnn"
data-branding-key="unhackable"
data-video-slug="sim swap hacker stole one million sg orig"
data-first-publish-slug="sim swap hacker stole one million sg orig"
data-video-tags="business and industry sectors,business, economy and trade,consumer electronics,consumer products,crime, law enforcement and corrections,criminal offenses,digital crime,digital security,electronics,mobile and cellular telephones,mobile technology,technology,telecommunications industry,wireless carriers,wireless industry"
data-details="">
Video Ad Feedback
A hacker stole $1 million from him by tricking his cell phone provider
"
data-check-event-based-preview=""
data-is-vertical-video-embed="false"
data-network-id=""
data-publish-date="2019-07-23T12:00:39Z"
data-video-section="business"
data-canonical-url="https://www.cnn.com/videos/business/2018/09/25/biggest-data-breaches-equifax-orig.cnn-business"
data-branding-key="unhackable"
data-video-slug="biggest data breaches equifax orig"
data-first-publish-slug="biggest data breaches equifax orig"
data-video-tags="banking, finance and investments,big data,business and industry sectors,business, economy and trade,companies,computer science and information technology,consumer credit reporting,consumer loans and credit,credit cards,crime, law enforcement and corrections,criminal offenses,digital crime,digital security,equifax incorporated,information management,linkedin corporation,oath (company),personal finance,target corp,technology,yahoo inc"
data-details="">
Video Ad Feedback
5 of the biggest data breaches?
01:43
Now playing
- Source:
CNN Business
Editor’s Note: Mike Chapple is teaching professor of information technology at the University of Notre Dame’s Mendoza College of Business. The opinions expressed in this commentary are his own.
Over the past several weeks, ransomware attacks shut down a critical gas pipeline serving the Eastern United States, disrupted meat plants in Australia and North America, exposed sensitive police files in Washington, DC, and delayed ferry service to Cape Cod. Other recent attacks have disrupted hospital systems and crippled Ireland’s national health service in the midst of the Covid-19 pandemic. These critical infrastructure disruptions bring into clear focus that ransomware poses a significant risk to national security, and it’s time to begin treating it as we would any other serious threat.
Ransomware builds upon the computer viruses and worms of years’ past and adds a terrifying twist. Once ransomware infects a system, it encrypts all of the data on that system, rendering it inaccessible to legitimate users. The ransomware author then demands the payment of a ransom in exchange for providing the decryption key required to restore access. Recently, ransomware authors have gone even further and made extortionary threats to disclose sensitive information unless the ransom is paid.
The recent flurry of successful ransomware attacks highlights how our national security is at stake. This series of uncoordinated attacks affected our energy infrastructure and transportation services. A group of attackers intending to inflict havoc could quietly infect a series of critical systems and then simultaneously cripple many elements of our infrastructure.
Now, we must focus our national attention on addressing this risk with a comprehensive, interdisciplinary approach. Unfortunately, as with most claimed panaceas, there is no simple solution to the scourge of ransomware, but there are some good places to start.
Below are some do’s and don’ts for the government and companies to keep in mind:
Rely on national intelligence
At the end of April, just days before the Colonial Pipeline attack made headlines around the world, a more-than 60-member Ransomware Task Force (RTF) released an 81-page report, “Combatting Ransomware.” Acknowledging the complexity of the problem, this group of cybersecurity experts recommended 48 specific actions that government and industry leaders may take to push back against the increasing number of ransomware infections.
Some of the task force recommendations rely on the government to play an important role. If we consider ransomware a national security priority, it only makes sense that we would bring the resources of the nation’s intelligence community and law enforcement agencies to bear on the problem. The United States possesses the world’s most sophisticated intelligence collection and analysis capabilities. Surely, those capabilities could be used to identify and pursue the perpetrators of ransomware attacks.
We saw the beginnings of this coordinated approach earlier this week when the Justice Department announced that it seized $2.3 million in bitcoin paid to the Colonial Pipeline attackers. This was a remarkable feat of intelligence and law enforcement, as tracking Bitcoin transactions isn’t easy. It’s exactly the type of activity that will deter and disrupt future attacks.
Disrupt the business model
Similarly, the government can disrupt the business model for ransomware. Ransomware attacks continue to happen because they are profitable. Disrupting those profits would deter attackers from investing time and resources in these attacks. The RTF report includes a dozen recommendations for doing so, including enforcing existing financial crime laws, enhancing seizure capabilities and applying statutes designed to combat organized crime.
The coordinated seizure of funds from the Colonial Pipeline attack is a good example of this strategy, but more is needed. Federal, state and local law enforcement officials must share information and work together with their international colleagues to bring these attackers to justice. Attackers must begin to live in the constant fear that their funds will be seized and they will be arrested.
Develop a national ransomware incident response
Companies that fall victim to these attacks need to know what to do when an attack occurs and where they may turn for expert advice. Large businesses often have dedicated cybersecurity teams and the resources to bring in expert consultants, but smaller businesses, non-profits and government agencies often lack access to those resources. Creating a national center of excellence in ransomware response would help organizations of all sizes gain access to expert guidance when they face a ransomware crisis.
Businesses must bolster their cybersecurity
Ransomware isn’t a problem that the government alone can solve. Organizations around the world must also bolster their cybersecurity defenses to reduce the risk of falling victim to these attacks. This definitely requires strong technical measures, including the use of security technologies and data backups.
But this isn’t just a technical problem. Ransomware often enters an organization after a single employee makes a single mistake. Effectively fighting ransomware requires strong education and awareness efforts that help everyone in an organization understand the risk and their role in protecting critical systems.
Don’t ban ransom payments
Banning ransom payments might seem appealing because it would hit attackers in the pocketbook. Prohibit American businesses from making ransom payments, the theory goes, and ransomware authors will lose the incentive to wage attacks. The fundamental problem with this policy is that it would further victimize the victims of a crime. This is the reason that we don’t outlaw the payment of ransom to kidnappers and it’s also the reason that we shouldn’t outlaw ransomware payments.
Are we really willing to tell a hospital that suffered a ransomware attack that it is not allowed to pay the ransom that would restore access to critical medical devices or patient files? Waiting for companies to rebuild their technology infrastructure because they aren’t allowed to pay ransom could cause prolonged disruptions to gas pipelines, mass transit, the food supply and other essential industries. Small businesses suffering ransomware attacks will simply go out of business because they can’t get back up and running again. When you consider the negative side effects of banning ransom payments, the solution no longer seems so simple.
Don’t ban cryptocurrency
Ransomware authors demand payment in Bitcoin and other cryptocurrencies because the nature of those currencies allows anonymous transactions. Some experts argue that banning cryptocurrency entirely would shut down the ransomware markets, but banning cryptocurrency entirely isn’t the answer either. While there are very strong arguments that most cryptocurrency transactions are either speculative investments or criminal activity, it’s a major stretch to jump from there to the assertion that cryptocurrency should be completely illegal. It would be almost impossible to stop cryptocurrency transactions if we tried. The United States lacks the jurisdiction to create or enforce an international ban, and the decentralized nature of cryptocurrency systems makes it difficult to imagine how such a ban would even function.
Ransomware is a complex problem that poses a significant threat to our national security, but we’ve tackled complex problems in the past. The country that put astronauts on the moon and stemmed the coronavirus pandemic is certainly capable of successfully fighting the battle against ransomware.
![This photo taken on August 4, 2020 shows Prince, a member of the hacking group Red Hacker Alliance who refused to give his real name, using his computer at their office in Dongguan, China's southern Guangdong province. - From a small, dingy office tucked away in an industrial city in southern China, one of China's last "volunteer hacker" groups maintains a final outpost in its patriotic hacking war. (Photo by NICOLAS ASFOURI / AFP) / TO GO WITH China-hacking-security,FOCUS by Laurie Chen / The erroneous mention[s] appearing in the metadata of this photo by NICOLAS ASFOURI has been modified in AFP systems in the following, we removed the HOLD HOLD HOLD in the main caption. Please immediately remove the erroneous mention[s] from all your online services and delete it (them) from your servers. If you have been authorized by AFP to distribute it (them) to third parties, please ensure that the same actions are carried out by them. Failure to promptly comply with these instructions will entail liability on your part for any continued or post notification usage. Therefore we thank you very much for all your attention and prompt action. We are sorry for the inconvenience this notification may cause and remain at your disposal for any further information you may require. (Photo by NICOLAS ASFOURI/AFP via Getty Images)](https://media.cnn.com/api/v1/images/stellar/prod/210621154549-hackers-keyboard.jpg?q=x_0,y_131,h_1419,w_2523,c_crop/w_250)
