24 September 2024

From Ransomware to Ransom War The Evolution of a Solitary Experiment into Organized Crime

Max Smeets

Introduction

Historically, discussions on cyber conflict have primarily centered on the involvement of state-sponsored or affiliated groups. 1 Yet, the growing prominence of criminal actors – specifically, ransomware groups – now demands a shift in attention. Ransomware, a type of malicious activity where hackers lock access to files or systems until a ransom is paid, increasingly threatens both citizen safety and global stability. In 2022, the majority of the U.K’s government’s crisis management “Cobra” meetings were convened in response to ransomware incidents rather than other national security emergencies.2 According to Sami Khoury, the head of the Canadian Center for Cyber Security, the threat from nation-states remains significant but cybercrime, of which ransomware is the most disruptive form, is “the number one cyber threat activity affecting Canadians.”3 The Swiss National Cybersecurity Centre warns that ransomware could pose an “existential threat” to businesses and government agencies.

This report discusses significant milestones in the development of ransomware, and what turned them into a significant threat to human and national security.

It starts with the adoption of better encryption techniques by criminals, enabling them to effectively hold data for ransom. The use of botnets subsequently expanded their operational reach, while there was also a shift away from prepaid card systems in favor of cryptocurrencies such as Bitcoin, which provided anonymity and ease of transaction.

No comments: