Source: CNN Business
Editor’s Note: Matthew F. Ferraro is a former intelligence officer, a counsel at WilmerHale, a term member of the Council on Foreign Relations and a visiting fellow at the National Security Institute at George Mason University. The opinions expressed in this commentary are his own.
The September 11 attacks demonstrated, with horrifying clarity, the outsize power individuals have to wreak havoc on an open society. Since that awful day, the spread of technology and our solidifying interconnectedness have increasingly placed the capacity for disruption and harm in the hands of not just states, but of individuals all over the globe. This trend has been called the democratization of violence, and it describes literal, kinetic violence (think bioweapons cooked up in a kitchen and mini-drones weaponized in a garage) and less physical but still devastating cyberattacks.
These threats will continue to grow in the months and years ahead because cyberattacks of all kinds are relatively cheap and can be launched at scale. Now, American industry and government must work more closely together to buttress the defenses necessary to thwart these attacks.
Ransomware is the latest example of the “democratization of violence” trend. In a ransomware attack, a bad actor accesses a victim’s computer system, uses malware to encrypt the system’s data, and only decrypts it if the victim pays a ransom, usually in Bitcoin because it is difficult to trace. Anyone with an internet connection — from nation-states to criminals to terrorists — with minimal skills and malevolent intentions can now launch these attacks thanks to the advent of “ransomware as a service.” In this business model, ransomware developers lease pre-made malware to anyone who pays, and the developer gets a cut of the ransom payments.
Ransomware extortions have become a self-sustaining ecosystem of criminality. It is a thriving business because most victims are willing to pay relatively modest ransoms, which then fund further attacks. Paying a ransom may incentivize bad behavior, but a victimized company usually (and understandably) just wants its data back as quickly as possible.
Hackers are most often after money, but attacks can also destabilize the US economy, whether intentionally or not. For example, in May 2021, a hacking group called DarkSide launched a ransomware attack against Colonial Pipeline, one of the largest fuel pipelines in the United States, forcing a shutdown of its fuel distribution operations across several states. Consider what kind of physical assault it would have required 20 years ago, in a pre-cyber era, to set off a wave of gas shortages across the eastern part of the country.
The scale and impact of these attacks have exploded in recent years. According to one estimate, ransomware will cost the global economy approximately $20 billion in 2021, a 57-fold increase from 2015. Everyone is vulnerable.
In short, America’s cybersecurity system is blinking red. President Biden signed an executive order back in May that requires software sold to the government to meet baseline security standards, demands federal contractors swiftly report cyber incidents, and creates a National Transportation Safety Board-like government entity to review major breaches.
The White House is also calling on the private sector to do more to address cybersecurity, what President Biden called a “core national security challenge” during a recent meeting with tech titans. The administration subsequently announced a number of government and private sector initiatives, including a collaboration to develop a new framework to improve the security of the technology supply chain, increased efforts to train a diverse cybersecurity workforce, and the expansion of an Industrial Control Systems Cybersecurity Initiative from electric utilities to natural gas pipelines, among others.
These are all welcome moves, but there is much more the government and industry can do:
First, the government should act where businesses cannot and take all actions within its power to disrupt the ransomware activities of foreign states and their criminal gangs. That means employing diplomatic pressure, tying progress on taking ransomware groups offline to sanctions relief for the countries where the groups reside, indicting bad actors overseas, extraditing and prosecuting them, and (potentially) taking offensive cyber action against ransomware groups.
Second, the Biden administration should incentivize companies to prepare for ransomware by setting out specific guidelines for what businesses should do to prepare for and respond to ransomware attacks. Right now, the government speaks out of both sides of its mouth. Its official position is that companies should not pay ransoms, but it recognizes that it is often in the company’s — and the public’s — best interest to pay. The FBI urges victims to coordinate with law enforcement about ransomware incidents and to share if ransom has been paid, and through what Bitcoin address.
This ambiguity makes it harder for businesses to manage ransomware risks because they are unsure what steps they should take to navigate these issues, and it leaves them open to post-ransomware litigation. Indeed, Colonial Pipeline was hit by at least two lawsuits after it was victimized. If the administration doesn’t establish such standards now, it will be left to the courts to do so as they resolve these types of suits.
Third, the government should work with companies that are victims of ransomware attacks to recover cryptocurrency paid to hackers, thus interrupting the cycles that fund future attacks. Notably, the FBI worked with Colonial Pipeline to seize over $2 million of Bitcoin paid to the hackers, in a promising sign of what may come from the Department of Justice’s recently established Ransomware and Digital Extortion Task Force. As the Deputy Attorney General Lisa Monaco said, “Following the money remains one of the most basic, yet powerful tools we have.”
None of these actions will eradicate the business risks of ransomware, but they can help counter the democratization of violence with a culture of common defense.