Another bunch of Russian miscreants
It's starting to look like invading Russia is something that should start being planned.
The Feds have warned organizations about a lesser-known extortion gang Karakurt, which demands ransoms as high as $13 million and, some cybersecurity folks say, may be linked to the notorious Conti crew. In a joint advisory [PDF] this week, the FBI, CISA and US Treasury Department outlined technical details about how Karakurt …
We can solve this problem by making it illegal to pay ransom. It wouldn't even be that hard to police, since bitcoin transactions are traceable, and the FBI is getting better and better at doing that.
The only reason the ransomware industry exists is because of bitcoin, and because governments weren't smart enough to nip it in the bud when it started by making such payments illegal right away.
I may be a little bit cynical, but I do believe that when governments/parliaments don't take the logical steps to block an illegal activities the reason is some in the aforementioned entities take a lot of profit directly or indirectly from these activities.
Yes, because companies never do anything illegal. They never engage in any off-book financial activity, or operate through proxies.
Remember when we made bribery illegal and completely eliminated it forever? That was great.
Paying ransoms often is illegal already, because of KYC and other financial-transaction requirements, sanctions, laws against funding various sorts of criminal and terrorist enterprises, etc. In the US, for example, we've had a stream of guidance from various federal agencies pointing out that it's often a violation to pay ransom or exfiltration-extortion demands.
So: solution tried, proven ineffective. Sometimes complex problems don't have simple solutions. Who would have thought it?
If that's true (and I'm very skeptical) they need to start enforcing it, by first making a very public announcement to all companies and federal/state/local government agencies that they will be begin enforcement on a given date, and they will need to either be better protected or fully insured against the consequences of losing their data by that time.
Never is not exactly right. One invasion was rather successful. Ask the Mongols.
But what records of this successful event also show, is, that you can only be successful with a type of action that would be, well, not palatable to our own current values.
So the decision is just that hard: Either lose some or many of the values you fight for, or lose the war.
Biting the hand that feeds IT © 1998–2022