Geopolitics of ransomware

Why we tolerate pirates and their lairs

Welcome to this week’s Active Measures.

If foreign mercenaries were launching raids on British, American or other Western countries, stealing possessions, wreaking havoc and extorting ransoms, our military and security agencies would be doing two things: punishing the perpetrators and boosting our defences.

The plague of ransomware — recent targets include Ireland’s health service and the Colonial oil pipeline in the US — has so far attracted mainly handwringing. Like nautical piracy in past centuries, this is an industry. Two dozen gangs run the market, and “earned” at least $18bn in ransoms in 2020.

That money doesn’t just make the gangsters rich. It also funds product development and marketing. We — taxpayers, consumers, shareholders — are financing the next wave of attacks. They will be worse: ransomware is essentially quite primitive.

The response so far has mainly been handwringing. Victims pay up: it’s cheaper than losing the data. Nobody gets punished. The result: the crime is lucrative and risk-free.

That’s changing, belatedly, with three developments:

1. NSA and other agencies appear to be using their capabilities to make life a lot more difficult for the pirates. The prominent DarkSide hackers have closed down, at least for now, citing pressure from the US.

2. The US government is using its clout as a purchaser to raise cyber-security standards: suppliers who don’t meet them won’t get the business. The simplest and cheapest way of dealing with ransomware is to back up your data properly.

3. The administration and allies are putting more pressure on countries where the pirates are based.

That’s a start, but not enough (cryptocurrencies are what really makes this business work and nobody’s ready to deal with them yet).

The biggest question is what it will take to get the Russians and Chinese to cooperate with global law enforcement against cyber-criminals. We need to treat them like pirate lairs. But we don’t.

My worry is that these countries scent a grand bargain. Their autocratic rulers want “cyber sovereignty” (meaning that states control the internet within their borders). Much Western discussion about how to counter “fake news” is moving in the same direction. Free speech has ever-fewer defenders these days. Enjoy it while you can.

What I’ve been doing: the China Influence Monitor looked at German impatience with Hungary, and the squirming behaviour of the Winter Olympics’ sponsors. It’s weekly, snarky, and free — please sign up for it.

My CEPA column was on what the current NATO/US exercises in Europe reveal about the transatlantic security relationship. In short: Europe is still pitifully dependent on the Americans for everything that matters. That’s unsustainable.

That’s it for now — I will be back in your inboxes next week with some more substantial thoughts now that I have the chance to think them, and bounce them off other people.

Best regards,

Edward