The war on cybercrime is just beginning as we look to tame the Wild West era of the internet.
Another week, another supply chain attack, another ransom demanded. It seems this is going to be a broken record for awhile, and why wouldn’t it be? Ransomware attacks are lucrative, and they often work. The most recent attack on Kayseya ended up affecting around 60 customers and nearly 1,500 additional downstream customers in multiple countries. The motive in this case is money, rather than information as in the SolarWinds hack. Whatever the motive, something has to change and it’s going to take a global effort to stop cybercrime.
Governments around the world are taking notice of how these attacks are affecting everyday people, not just the businesses that are targeted. Last month, the Ukraine, South Korea, the United States and Interpol all collaborated to arrest members of a known ransomware gang located in Ukraine. President Biden signed an executive order making ransomware attacks, and those who assist in them, akin to terrorism. Other countries are instituting their own policies and legislation. This is a great first step, but it won’t be enough.
It won’t be enough because every country is doing its own thing, setting policies and creating legislation around their own needs. Additionally, countries that don’t always get along (like Russia and the U.S.) will not be keen to assist each other should a cybercriminal be tracked to the opposing location. There are plenty of factors outside of cybercrime that determine if one country helps another country or not.
Which is why a global collaboration is incredibly necessary to combat cybercrime. Threat actors and cybercriminals know how to throw law enforcement off their trail, making it difficult and costly to find them. They also know the areas of the world where they can safely hide and know they will not be in danger of extradition.
It took many years for countries to come up with governing bodies like the United Nations and NATO. Something like that in the arena of cybercrime regulations is going to take a very long time to work out. Getting everyone to agree on ramifications of cybercrime, that punishment will be handed out fairly and the consequences of not adhering to the rules put in place is going to take a big effort. And it’s going to take everyone working together.
Humans are engineered to be individuals with their own beliefs, morals, ethics and ideas. It’s what makes us unique and gives us the opportunity to grow and learn from each other. Not everyone thinks the same way and that difference leads to great things like innovation and entrepreneurial endeavors. But those differences can also cause friction and problems when it comes to agreeing on anything. But cybercrime and it’s increasingly sweeping scope benefits a narrow few at the detriment of a great many. So it’s time to start negotiating internationally to tamp down the most insidious actors.
That’s not our area of expertise, that falls on lawmakers and world leaders, but it is something that needs to happen. We are in the early stages of the war on cybercrime. It’s not going anywhere anytime soon because criminals are getting what they want. Whether it’s information, data, money, crypto or infamy, the criminals are winning. And they will continue to win as long as regulations stay the way they are and the global governing bodies remain idle.
This may seem like a very negative outlook on where we are right now, but it’s not meant to be. This is a note for business owners and business leaders and tech teams to remain vigilant. While the governing bodies are taking notice, any action is going to take time.
So make sure you are watching your corner: security protocols, patching, vulnerability scanning, alerting, are now more important than ever before. Bring in an expert with an outside view to review your security. Your business being prepared may be the difference between being in business and being a headline.