A former White House cybersecurity coordinator told last week’s RSA Security conference that ransomware has gone from being an economic nuisance to becoming a “scourge” that must be fought by governments worldwide.
The conference took place against the backdrop of a cybersecurity industry increasingly challenged by attacks, many of them driven by ransomware.
Michael Daniel, chief executive of the Cyber Threat Alliance, told a panel that ransomware has evolved from an economic nuisance eight years ago to a national security and public health and safety threat today.
He argued that it would require significant action to reduce the value that criminals got out of ransomware.
According to a March 2021 ransomware threat report by Palo Alto Networks, the average amount demanded by ransomware gangs doubled in 2020. The average ransom paid tripled in the last year to over $300,000.
The panel was recorded before details of the recent Colonial Pipeline ransomware attack emerged, so it could not discuss the lessons learned. As the conference was taking place, it emerged that Colonial’s chief executive Joseph Blount had transferred 75 bitcoin – around $4.4m – to the attackers because he was unsure of the attack’s extent or Colonial’s prospects for recovery.
Cryptographers play down quantum computing
Alongside concerns about ransomware, the future impact of quantum computing and the lessons from the SolarWinds attack were also among the critical issues discussed during the RSA conference.
The ongoing development of quantum computing has been described as threatening the encryption algorithms that currently protect data, from online banking records to personal documents on hard drives.
Prominent members of a cryptographers’ panel at the conference played down quantum computing’s potential impact. Ron Rivest, one of the inventors of the RSA algorithm, said it was “astonishing to me how much energy is going into the commercialization of technology that doesn’t yet exist.”
Rivest added that the number of start-ups involved in quantum computing meant that the amount of money being invested in the technology is incredible.
“I think the two major questions are, ‘Can you build a quantum computer at scale that will last long enough to do a useful computation?’ and ‘Are there useful applications for this technology, even if you could build it?’ And I think the answers so far are ‘not clear’ and ‘maybe.’”
RSA told SolarWinds attack started earlier than originally believed
In a separate session, SolarWinds chief executive Sudhakar Ramakrishna said the company’s ongoing investigation into last year’s cyber breach found that the nation-state group behind it began probing SolarWinds’ network as early as January 2019.
Previously, it was widely believed that attackers first gained access to SolarWinds’ systems in October 2019. The breach, which impacted 100 companies and nine government agencies, remained undetected until December 2020, nearly two full years after the initial malicious activity.
What the RSA conference confirmed is that hackers remain several steps ahead of the cybersecurity industry. Ransomware attacks are increasing precisely because attacked companies like Colonial Pipeline will pay to keep their operations running. In the absence of effective government and industry action to thwart the attackers, they’ll probably keep on paying.