PICT2001 Essay PDF

Title PICT2001 Essay
Author Maryam x
Course Cybercrime
Institution Macquarie University

Description

There has been discussion around the outlawing of payments in ransomware attacks. Discuss what benefit this would provide (if any) and critically evaluate the effectiveness of this strategy.

In recent times, with the rapid development of technology, the world has seen a surge in the number of cyberattacks affecting individuals and corporations. Ransomware, a type of computer malware, is becoming an increasingly serious risk to organisations around the globe. Due to its increasing threat to society, a number of discussions have been taking place in order to develop effective strategies to combat ransomware attacks and minimise their destructive effects. One strategy that is being widely considered is the outlawing of payments in ransomware attacks. Experts are divided on whether this strategy is appropriate to assist in reducing the number of ransomware attacks affecting individuals and organisations worldwide. This essay will present the possible advantages and disadvantages of implementing this strategy in the fight against ransomware attacks and critically evaluate the effectiveness of banning the payment of ransoms.

Ransomware attacks have recently become one of the most harmful scams to affect individuals and organisations around the globe. Research suggests that the number of global ransomware reports increased by 715.8% from 2019 to 2020 (Zafft, 2021). Ransomware is usually spread by user-initiated actions such as clicking an infected link or visiting a malicious website (CIS, 2017). Attackers seek to extort their victims in order to achieve financial gain (Dey and Lahiri, 2021). In a ransomware attack, a user’s files are encrypted and a ransom is demanded, usually in the form of bitcoin, in order for the victim to regain access (Fruhlinger, 2018). Businesses must then make a decision on whether or not to pay the ransom. If they do not pay, businesses face losing large amounts of their pivotal data, which could massively harm the business and negatively affect its operations. Oftentimes, businesses do take the decision to pay colossal amounts of money as ransom in order to receive a decryption key so they can regain access to their data and systems (Fruhlinger, 2018). However, with the increasing number of organisations succumbing to ransomware payments, conversations arise regarding whether or not this is an appropriate solution to ransomware attacks. Cyber-security experts around the globe are calling for the outlawing of payments in ransomware attacks to assist in eradicating ransomware. Others argue that this strategy is not the correct way to deal with the increasing ransomware issue.

There are a number of potential benefits that can arise with the outlawing of payments in ransomware attacks. Some experts argue that the eradication of ransomware attacks may be achieved if it becomes illegal to pay ransom. They argue that by paying a ransom, an organisation is playing a role in strengthening the operations and illegal activities of the attacker. A collective effort is needed to tackle the issue of ransomware attacks (Valavanis, 2020). By outlawing payments in ransomware attacks, cyber-criminals will eventually realise that they are no longer achieving financial gain, and thus lose motivation to continue attacking (Tidy, 2021). Whereas if businesses continue paying the ransoms demanded, attackers may become more encouraged to conduct further ransomware attacks. According to Shi (2020), paying ransoms demanded by attackers fuels future attacks and ensures that the attackers have funds which they can use to perform increasingly advanced and more harmful cyber-crimes. The millions of dollars in ransom payments made to cyber-attackers allow them to further develop their strategies of attack, which in turn further increases the risk of ransomware to society. The outlawing of payments in ransomware attacks will assist in starving the cyber-crime industry. There will remain no incentive for cyber-criminals to continue attacking if their outcomes are no longer profitable, as their main motivator is generating money (Bambenek and Bashir, 2020). As well as this, organisations that have previously paid ransom to attackers are more likely to become recurring victims of ransomware attacks.
Toll Group, an Australian transportation and logistics company, suffered an attack by ransomware group Mailto, which left a backdoor in the system that could be used for future attacks (Crozier, 2020). Later, another ransomware group known as Nefilim was able to exploit this backdoor, which had not been patched after the first attack, to conduct another attack on the same company (Crozier, 2020). This shows that paying the demanded ransom may often cause more harm than good. A successful ransomware attack by one group can mean that other groups may also attack in the hopes of being successful (Crozier, 2020). By outlawing the payments in ransomware attacks, a large step is taken towards the defunding and disestablishment of cyber-attackers and their criminal activities. Researchers around the globe are calling for the banning of ransomware payments in order to reduce their prevalence overall.

Apart from this, the payment of ransoms does not provide a guarantee that an organisation’s files will be returned to them (Shi, 2020). According to Sophos (2021), only 8% of all organisations which paid ransom were able to retrieve all their encrypted data. This means that in most cases, organisations may suffer a great financial loss in the payment of ransoms, yet still be unable to access their data. Additionally, the payment of ransom in ransomware attacks does not ensure that the attackers will not publish or monetise the sensitive data they have gained unauthorised access to. The outlawing of payments in ransomware attacks will assist in protecting organisations from spending massive sums on ransom without regaining access to and control of their data and systems.

On the other hand, the outlawing of ransomware payments can lead to extremely destructive consequences for individuals and small business owners. If organisations are not able to pay ransom, they may suffer severe losses of data which can have damaging effects on those who are not equipped to deal with such losses (Connolly et al., 2020). Consequences may include major financial damages and even the possibility of going out of business (Connolly et al., 2020). Oftentimes, paying the ransom demanded is the only solution available to regain access to the data of individuals and small businesses that have fallen victim to an attack (Cartwright et al., 2019). Paying the ransom becomes an attractive way of fixing a ransomware problem cheaply, effectively and with minimum harm to a business’s reputation and operations (Valavanis, 2020). Most of the time, organisations that are unable to pay the ransom demanded are forced to deal with major recovery costs. In March 2018, the City of Atlanta suffered a ransomware attack in which the attackers demanded a sum of $51,000, which the city refused to pay. Instead, it was forced to spend $17 million on upgrading its systems and databases (Dey and Lahiri, 2021). This shows that banning the payment of ransom will be severely detrimental and costly to organisations around the globe. Without the ability to legally pay the demanded amount, organisations around the globe will suffer extreme losses. The losses these organisations will face, in some cases, can be severe enough to force them out of business.

Additionally, the banning of ransomware payments may lead to attackers more heavily targeting essential organisations such as hospitals and energy providers (Marks, 2021). This is because organisations like these cannot afford to pause operations, and therefore are more likely to be pressured into choosing to pay a ransom (SentinelOne, 2019). Such organisations would be forced to succumb to paying ransoms due to the fear of the damages that would occur as a result of their operations being halted for even a short period of time (Holmes, 2020). Cyber-attackers would increase the stakes until the consequences of not paying the ransom would overtake the impact of the breach (Wade and Shackelford, 2021). It would also be unethical to prosecute providers of essential services for performing the actions needed to swiftly restore their operations. Essential organisations which choose against illegally paying the sums demanded will suffer massive amounts of down-time, negatively impacting their operations and the lives of people seeking their services. Outlawing of payments in ransomware attacks could put lives at risk and severely disrupt the livelihoods of thousands of people (Marks, 2021). Such was the case in Germany, when a woman with a life-threatening condition died after the hospital closest to her was unable to treat patients due to a ransomware attack (Wetsman, 2020). In Ireland, health care systems that refused to pay ransom were blocked from accessing electronic scans and X-rays around the country (Marks, 2021).

The outlawing of payments in ransomware attacks may also decrease the number of organisations reporting attacks to the authorities (Koning, 2020). For thousands of organisations, paying the ransom demanded is the only way of regaining access to their data. There is no guarantee that all organisations will follow a newly implemented law stating that they cannot pay ransom. This means that any organisations illegally paying ransom sums would be forced into staying quiet about the attacks they have fallen victim to (Koning, 2020). For many organisations which may illegally pay ransom, not reporting ransomware attacks is the only possible option in order to keep themselves safe from being prosecuted. If organisations are no longer providing accurate data regarding ransomware attacks, major discrepancies will be created, which will ultimately make it much harder for authorities and researchers to keep track of and combat such cyber-crimes (Koning, 2020).
It is crucial that authorities gain as much information as possible surrounding ransomware attacks so that preventative measures can be developed (Erridge, 2016). Also, accurate reporting and data assist authorities in finding the perpetrator and thus being able to release decryption keys to the public (Proven Data, 2020).

Many researchers argue that outlawing ransomware payments will starve the cybercrime industry of motivation and the funds needed to conduct more damaging future attacks. However, Bambenek and Bashir (2020) state that reducing the incentive for cybercriminals will not work until there is focus on increasing the stakes for operators of the attacks. Outlawing ransomware payments will also protect organisations from becoming recurring victims and paying ransom without receiving access to their files in return. While theoretically, the outlawing of payments in ransomware attacks seems like the perfect solution, it will cause the demise of thousands of businesses that will suffer great losses due to being unable to pay ransom. The long-term goal of eradicating ransomware attacks through banning the payment of ransom will cause extreme and irreversible damage to organisations around the world. Therefore, though this strategy would be of use in a perfect world, there are a number of points which need to be taken into consideration before it is implemented (Tidy, 2021). The best possible solution for a decrease in ransomware is to ensure that organisations are protected and prepared for an attack by educating their employees and regularly backing up their data.

In conclusion, the readily increasing ransomware attacks affecting businesses worldwide have led to discussion about strategies which can be used to eradicate them. The outlawing of payments in ransomware attacks can be a useful strategy as it will mean that cyber-criminals are no longer achieving financial gain and thus will become demotivated to continue attacking. Also, this strategy will ensure that cyber-criminals are not receiving funding through ransom payments to carry out more extreme and devastating attacks in the future. While this strategy may have many benefits in the long term, it will have many severe consequences for individuals and organisations around the world which will suffer the loss of their data and systems. Further research is needed before a decision is made about whether or not the outlawing of payments in ransomware attacks is the appropriate strategy to help in fighting the war against cybercrime.

Reference list

Bambenek JC and Bashir M (2020) Ethics, Economics, and Ransomware: How Human Decisions Grow the Threat. In: Advances in Human Factors in Cybersecurity, 2020. Springer, Cham.

Cartwright E, Hernandez Castro J and Cartwright A (2019) To pay or not: game theoretic models of ransomware. Journal of Cybersecurity 5(1). DOI: 10.1093/cybsec/tyz009.

CIS (2017) Ransomware: Facts, Threats, and Countermeasures - CIS. Available at: https://www.cisecurity.org/blog/ransomware-facts-threats-and-countermeasures/.

Connolly LY, Wall DS, Lang M, et al. (2020) An empirical study of ransomware attacks on organizations: an assessment of severity and salient factors affecting vulnerability. Journal of Cybersecurity 6(1). DOI: 10.1093/cybsec/tyaa023.

Crozier R (2020) Toll Group may have lost over 200GB of data in ransomware attack. Available at: https://www.itnews.com.au/news/toll-group-may-have-lost-over-200gb-of-datain-ransomware-attack-548362 (accessed 5 September 2020).

Dey D and Lahiri A (2021) Should We Outlaw Ransomware Payments? In: Hawaii International Conference on System Sciences, Hawaii, 2021.

Erridge T (2016) Ransomware: threat and response. Network Security 2016(10): 17–19. DOI: 10.1016/s1353-4858(16)30097-6.

Fruhlinger J (2018) What is ransomware? How these attacks work & how to recover from them. Available at: https://www.csoonline.com/article/3236183/what-is-ransomware-how-itworks-and-how-to-remove-it.html.

Holmes A (2020) Ransomware attacks are increasing at an unprecedented rate — and the US is now begging people not to pay ransoms. Available at: https://www.businessinsider.com.au/ransomware-attacks-us-treasury-hackers-covid-2020-10?r=US&IR=T.

Koning J (2020) Ban All Ransomware Payments, in Bitcoin or Otherwise. Available at: https://www.coindesk.com/ban-all-ransomware-payments-bitcoin.

Marks J (2021) Analysis | The Cybersecurity 202: Cybersecurity pros are split on banning ransomware payments. Washington Post. Available at: https://www.washingtonpost.com/politics/2021/05/21/cybersecurity-202-cybersecurity-prosare-split-banning-ransomware-payments/.

Proven Data (2020) Should I Report Ransomware to Authorities? (Top Reasons/Concerns). Available at: https://www.provendatarecovery.com/blog/reasons-report-ransomware-cybercrime/#:~:text=Reporting%20your%20ransomware%20incident%20to (accessed 29 May 2021).

SentinelOne (2019) Ransomware: To Pay or Not to Pay? SentinelOne.

Shi F (2020) Ransomware Attacks: Why It Should Be Illegal to Pay the Ransom. Available at: https://www.darkreading.com/risk/ransomware-attacks-why-it-should-be-illegal-to-paythe-ransom/a/d-id/1336905.

Sophos (2021) The State of Ransomware 2021. Sophos.

Tidy J (2021) Ransomware: Should paying hacker ransoms be illegal? BBC News, 19 May. Available at: https://www.bbc.com/news/technology-57173096.

Valavanis S (2020) To Pay or Not To Pay Ransomware, That Is the Question …. Available at: https://www.law.com/corpcounsel/2020/12/14/to-pay-or-not-to-pay-ransomware-that-is-thequestion/.

Wade M and Shackelford S (2021) Colonial Pipeline forked over $4.4M to end cyberattack – but is paying a ransom ever the ethical thing to do? Available at: https://theconversation.com/colonial-pipeline-forked-over-4-4m-to-end-cyberattack-but-ispaying-a-ransom-ever-the-ethical-thing-to-do-161383 (accessed 29 May 2021).

Wetsman N (2020) Woman dies during a ransomware attack on a German hospital. Available at: https://www.theverge.com/2020/9/17/21443851/death-ransomware-attack-hospitalgermany-cybersecurity.

Zafft R (2021) Colonial Pipeline: What Payment For Ransomware Piracy? Available at: https://www.forbes.com/sites/robertzafft/2021/05/21/colonial-pipeline-what-payment-forransomware-piracy/?sh=73e39dcb4600 (accessed 29 May 2021).

