Foreign Policy Essay
Ransomware Lessons for a Nation Held Hostage
Danielle Gilbert Sun, Sep 12, 2021, 10:01 AM
Cyberattacks present unique challenges, but governments and businesses can learn from other forms of hostage-taking.
Latest in ransomware
Cybersecurity and Deterrence
What Is Cyber Command’s Role in Combating Ransomware?
Erica D. Borghard, Lauren Zabierek Wed, Aug 18, 2021, 2:49 PM
Recent ransomware attacks against the United States are raising questions about whether and how the military, specifically U.S. Cyber Command, might counter this type of malicious cyber activity. Here, we provide a road map for policymakers to help guide their decision-making on this critical policy challenge.
Cyber & Technology
Ransomware Payments and the Law
Alvaro Marañon, Benjamin Wittes Wed, Aug 11, 2021, 3:52 PM
Ransomware amounts to an ongoing tax by foreign gangs on U.S. governments and industry. If U.S. companies are going to pay extortionate taxes to foreign non-state entities, they should at least have to file a tax return.
Cybersecurity and Deterrence
How to Start Disrupting Cryptocurrencies: “Mining” Is Money Transmission
Nicholas Weaver Wed, Jun 9, 2021, 7:01 AM
Making cryptocurrency mining illegal won’t stop all mining, but it will seriously disrupt it.
Cybersecurity and Deterrence
The Ransomware Problem Is a Bitcoin Problem
Nicholas Weaver Thu, May 27, 2021, 12:56 PM
The best way to deal with this new era of big-game ransomware will involve not just securing computer systems or prosecuting criminals, but disrupting the one payment channel capable of moving millions at a time outside of money laundering laws: Bitcoin and other cryptocurrencies.
Cybersecurity
Thoughts on the NotPetya Ransomware Attack
Nicholas Weaver Wed, Jun 28, 2017, 4:16 PM
Worms, malicious computer programs that spread from computer to computer throughout the network—are perhaps the most devastating delivery mechanism for an electronic attack.
Cyber & Technology
Ransomware Remixed: The Song Remains the Same
Trey Herr Wed, Jun 28, 2017, 10:11 AM
Another month, another ransomware epidemic. Broadsheets are screaming panic while companies yell back that All Is Well and Ukraine shows the world what gifs can do for incident response. Twitter is abuzz with the rapid, globalized forensics effort of a legion of amateurs and professionals (though nothing yet from the White House).
Cybersecurity
Microsoft’s Response to WannaCrypt
Herb Lin Mon, May 15, 2017, 8:50 AM
In a recent blog post, Microsoft argued that the use of a vulnerability for Windows XP stolen from the NSA and released by the Shadow Brokers has caused widespread damage in the public domain, and the lesson that governments should learn from this incident is that government stockpiling of vulnerabilities that might be inadvertently revealed presents a hazard to safe computing around the world.
Cybersecurity
Crying About WannaCry: Notable Features of the Newest Ransomware Attack
Nicholas Weaver Fri, May 12, 2017, 8:04 PM
You’ve likely heard, by now, about the “wCry” (aka WannaCry) ransomware worm. There are a few features of this attack worthy of particular note.
Cybersecurity
The Real Lesson from the WannaCry Ransomware
Ben Buchanan, Stuart Russell, Michael Sulmeyer Fri, May 12, 2017, 7:41 PM
Lawfare and others have spent an enormous amount of time discussing the intricacies of the Vulnerabilities Equities Process (VEP). Many policy conferences have been dedicated to the matter, and an even greater number of Twitter debates. The topic, in its own way, serves as a proxy for what one thinks of broader issues in information security and signals intelligence.
Today’s so-called WannaCry ransomware attack reveals the stakes, but more importantly the limits, of that debate.