Friday, June 30, 2023

The Ransomware Hunters

The inter net has opened a Pandora's Box.  It has made many billionaires and definitely made life more pleasant for more people than almost any other invention.   We have become so dependent on it that it can upend our lives.  Some have mastered its innermost secrets, at least enough to manipulate the masses.  Using mammoth amounts of details some made fortunes analyzing, refining and developing strategies to make more profit.  Stealing information was another way to make money.  More recently another way was developed by blocking access to information and demanding a ransom to restore it.  And beyond that others could unravel blockages.

 The book starts with some people who might be called misfits as alluded to in the subtitle.  They were obsessed with what computers and the inter net allowed them to do.  They developed skills, but the time required combined with their personalities assured they were not popular.  Of course when they were able to apply their knowledge for the benefit of others they did gain a sort of popularity.

While some turned their skills to exploiting others for profit, a few loved the challenge of developing their skills further.  For some this meant stealing information for those willing to pay.  Eventually some learned they could make easy money by blocking access to computers and the internet.

Still others wanting to help enjoyed the challenge of breaking the puzzle.  Some of them found each other and worked as a team.   Initially they were sometimes able to decypher the blocking and restore the original information and save the ransom.  Sometimes they were able to determine the address of the perpetrators and if they were not in a country with no extradition they could be arrested.  

The internet has opened up the whole world and hackers are very adept at exploring internationally for opportunities as well as support.  It was thought Russian gangsters were involved at early stages.

As ransomware became more common, legal authorities became concerned and did take steps.  The F.B.I. was interested, but their setup offered limitations. They tried to train established agents, but found in the first place they were not skilled enough.  Even more they ran into a culture problem.  Taken from other cases, agents found they were often ridiculed because even when successful there were seldom arrests and the crimes seemed less serious.  Promotions were largely based on arrests.  When the F.B.I. tried to recruit the really skilled, there was no interest in the regular training program and no desire to carry a gun.  Over time some rules were bent and a strategy of contracting skilled operators for specific projects.

In the Netherlands, a different strategy developed.   The started a branch called the High Tech Crime Unit.  Soon they actually recruited skilled hackers and paired them with regular trained officers.  The high tech people were part of the culture.  Another development occurred when an autistic person was directed to them which at first was resisted, but persistence resulted in training that paid off.  Pairing an autistic with a regular agent worked better as there was respect on both sides.

The ransomware hackers at first had money sent to safe accounts in places like Panama, but realizing they might be traced discovered bitcoin which was much harder to trace.  Iran, Russia and North Korea are almost impossible to penetrate as they do not have extradition to the U.S.

COVID increased society's dependence on the inter-net.  Schools were shifting to online instruction which could be disrupted.. 

Recovery companies saw an opportunity to help victims.  Unfortunately many of them were exploitative.   Some companies would negotiate a lower demand and keep the difference without telling the client .  Sometimes making a working relationship with the attackers to their mutual benefit.

Insurance companies are finding it more difficult to insure with the ransomware amounts escalated.  .  Negotiations original demand

As defenses get more sophisticated so also do offenses.   This book was published in 2022 and is excellent to bringing you up to that date..

This account is told by investigative reporter Renee Dudley and Pulitzer Prize winner Daniel Golden.

No comments:

Post a Comment