An interesting and troubling perspective. I think the future described might already be here and we urgently need a strategy to deal with it. What do you think?   https://www.politico.com/news/magazine/2021/07/08/ransomware-game-theory-geopolitics-cyber-attack-498625

Ransomware has been slowly becoming a geopolitical weapon for the last several years. It is only recently that the scale of the attacks has reached a level that has propelled ransomware attacks to national attention. The ability to launch such attacks has always been possible. It is an unintended consequence of open system architectures. At issue is the ethics of finding exploitable vulnerabilities and using those exploits to hold businesses for ransom.  But beyond the ethics issue is the heart of the theme of the article – exploiting the vulnerabilities of universally used open systems for political gain or destruction of another country. If you think about the issue, ransomware as a weapon of mass destruction is much easier to deploy and deny than traditional vehicles of open aggression. It is increasingly likely that the next cold war will be fought across the internet instead of on a battlefield. Because of the open nature of the systems in use, it is very difficult to determine for sure who may be responsible for any particular attack. The openness of the systems architecture introduces “plausible deniability” for both ransomware gangs and the countries who harbor such gangs. However, several countries have emerged as the most likely originators of massive ransomware attacks. The article spends considerable time discussing the more traditional methods of protecting businesses from ransomware attacks. But I disagree with the author’s assertion that it may be several years before we see the first coercive encryption used in a geopolitical context. I suspect we have already seen examples of such attacks used in a stealth geopolitical context. With the advent of quantum-based computing, creating and decrypting complex encryption algorithms becomes trivial. As a result, launching more pervasive and more devastating ransomware attacks for geopolitical purposes will likely become an even more enticing.

9 views
1 comments
4 upvotes
Related Tags
Anonymous Author
Ransomware has been slowly becoming a geopolitical weapon for the last several years. It is only recently that the scale of the attacks has reached a level that has propelled ransomware attacks to national attention. The ability to launch such attacks has always been possible. It is an unintended consequence of open system architectures. At issue is the ethics of finding exploitable vulnerabilities and using those exploits to hold businesses for ransom.  But beyond the ethics issue is the heart of the theme of the article – exploiting the vulnerabilities of universally used open systems for political gain or destruction of another country. If you think about the issue, ransomware as a weapon of mass destruction is much easier to deploy and deny than traditional vehicles of open aggression. It is increasingly likely that the next cold war will be fought across the internet instead of on a battlefield. Because of the open nature of the systems in use, it is very difficult to determine for sure who may be responsible for any particular attack. The openness of the systems architecture introduces “plausible deniability” for both ransomware gangs and the countries who harbor such gangs. However, several countries have emerged as the most likely originators of massive ransomware attacks. The article spends considerable time discussing the more traditional methods of protecting businesses from ransomware attacks. But I disagree with the author’s assertion that it may be several years before we see the first coercive encryption used in a geopolitical context. I suspect we have already seen examples of such attacks used in a stealth geopolitical context. With the advent of quantum-based computing, creating and decrypting complex encryption algorithms becomes trivial. As a result, launching more pervasive and more devastating ransomware attacks for geopolitical purposes will likely become an even more enticing.
2 upvotes