A highlight from Are ransomware attacks the new normal?

PRI's The World


Canadians are dealing with a long buried atrocity. The bodies of indigenous children discovered at a reform school. How could you not know. Two hundred and fifteen children are missing somewhere who also today. Protesters in columbia are standing up to police. Violence activists are confronting. Police officers often trained for war. So this is very dangers. Because when soldiers are trained to kill enemies in war police officers should always be trained to de escalate the use as lethal force as necessary and professors of the classics of long relied on an old school dictionary to interpret ancient. Greek i used it very heavily. The binding has long since failed. But now it's time to move on. Oh well no kweskin. I'm marco werman those stories more today. You're on the world. I'm marco werman. You're with the world. It is good to be with you another big hack this week this time. A cyber attack on the world's largest supplier of meet the latest in a string of attacks. It seemed to be growing in frequency and audacity. The hamburger supply chain is impacted. But perhaps we should be thinking about what can be done to stop. This josephine wolf is a professor of cybersecurity policy. The fletcher school at tufts university professor. In the case of the latest attack on the jbs company did it literally. Stop the machinery. So no meek could be processed. What exactly happened. It did. Halt cattle slaughter their. Us plans for a brief third of time. We think less than a day starting on tuesday in restarting today on wednesday but it does seem to love actually stopped of at several of their plants. Right so this was impactful. I mean i looked on a website that tracks global ransomware attacks and it listed twenty. Two of them for the month of may is this. The new norm or was may just an uncharacteristically active month. We've certainly seen some very big and very high profile ones in may. But what i would say is. This is a little bit. The new norm in that twenty. Two number that you see publicly vastly undercounts. How many of these incidents are happening that we don't know about that aren't being reported in the news or arpey reported to the authorities road so as you look at say the past year are these cyberattacks coming more often from any particular countries or is it random. It's only not random. The sources for most of the biggest and highest profile attacks that we've seen particularly ransomware are organizations based in russia and sometimes parts of eastern europe that we know have been willing to harbor cybercriminals and ransomware attackers in particular. The russian government has been involved with some of the attacks out there and actually turn out to also have political purposes as well as financial motivations. But it's also tricky because the russian government is often coordinating or cooperating with these criminal organizations and other ways taking intelligence information from them from the computers compromise so even if the government isn't beckley behind these attacks they're often involved or condoning it in various ways. How easy is it for criminals to get access to ransomware. And who are they getting it from the extremely easy to get access to ransomware these days. It's become a- sufficiently popular criminal activity that there are companies that actually provide ransomware tools to other criminals so for instance the colonial pipeline attack the organization. That was behind. That dark side is what we call a ransomware as a service company that is it. Rents out ransomware programs and the infrastructure. You need to distribute those ransomware programs and collect payments from them to other criminals who want to attack certain victims. So what needs to change to thwart. Cyber i mean can it be as easy as just taking away the ransomware. Well just taking away. The ransomware actually really complicated because ransomware code has a lot of different forms. And there's there's no easy coordinated way to crack down on the code itself. I think that one of the things that has to change is we have to think about how to make this less profitable less lucrative for criminals so that they no longer want to engage in this so they're no longer making money and that means probably targeting the cryptocurrency infrastructure which is really essential to their business model. There's no way to do this if you're relying on mastercard and visa to process these payments and it's also going to require putting a lot more pressure on the

Coming up next