Ransomware attacks, which the FBI estimated could cost the United States $1 billion this year, have “become a real plague on the Internet,” according to Sen. Sheldon Whitehouse, D-R.I.
As these attacks are becoming more sophisticated and destructive, the Senate Committee on the Judiciary on Wednesday addressed whether law enforcement has the right tools to foil them.
The increase in ransomware attacks, where criminals install malware on a computer to block access to the system until money is paid, is due to vulnerable networks and users who fall for social engineering attacks. Sen. Lindsey Graham, R-S.C., called ransomware “just a different way of shaking people down and stealing.”
Once one computer is infected, it’s easy for criminals to spread the malware throughout a server or infrastructure. Cyber criminals can operate inexpensively and still receive high return from their victims.
Richard Downing, acting deputy assistant general at the Department of Justice (DOJ), wrote in his testimony that ransomware, “offers criminals an increasingly popular avenue to profit from unlawfully obtaining access to others’ electronic devices.”
Downing continued, “Advances in technology such as anonymizing proxy networks and bitcoin offer even average criminals highly sophisticated tools to avoid detection.”
Those who are faced with a ransomware attack often pay attackers in bitcoin in order to have their data and files restored.
Adam Meyers, vice president of intelligence at CrowdStrike, reported about 40 percent of victims pay the ransomware. Meyers said the U.S. needs to “turn the table in the economic model and make it more expensive to operate.”
Graham believes nation-states need to be identified as good or bad. Citizens should be aware if nation-states are collaborating with other nations to address the problem of ransomware or if they are “turning a blind eye.” Graham views this approach as a “hybrid of law enforcement and diplomacy.”
While Downing reported “a lot of the threats from ransomware are coming out of Eastern Europe,” he feels it is “more of a criminal motive to date than a political motive.”
It’s not just agencies that face these attacks. Attackers have gone after schools, enterprises, hospitals, individuals, and more.
“I want to hold someone criminally liable who puts a student, or a patient, at risk,” said Graham.
Whitehouse emphasized, “It’s not just breaches any longer.”
The speakers said defeating botnets is key to fighting the attacks.
Downing wrote, “Botnets are networks of computers infected with malware that criminals can control remotely.”
Whitehouse described botnets as “the engine of cyber crime…closely tied to the ransomware problem.”
This week the Botnet Prevention Act of 2016 was introduced, which would empower prosecutors to act against those involved with botnets by:
- Expanding DOJ’s authority to tear down the botnets.
- Creating a new criminal offense for selling or writing access to botnets.
- Raising penalties for attacks on critical infrastructure and computers.