The end of innocence - Ransomware-as-a-Service?

Blog Image

Yes, you read it right.

First there was Software-as-a-Service (the ubiquitous "SaaS" now part of the vocabulary of every tech startup), then Platform-as-a-Service (think Salesforce) and now, not illogically, we have the ever-enterprising criminal underworld writing code for fellow cyber-crooks to download and use for extortion. They call it RaaS. Not only is ransomware cheap and easy to use, it's also easy to spread. You don't have to be tech-savvy, and it provides a quicker payout than stealing credit cards. Of course, there's a charge – and of course, payable only in Bitcoin.

Call it the rise of the Dark Web. Even the imagination of George Orwell couldn't envision where we would arrive just a few decades past 1984.

Want to buy drugs? Steal copyrights? Spread false rumors? Manipulate history? Destroy companies? What about innocent people? There's a URL for all of it. The system is built, up and running. The real concern is that this is just the beginning of what's coming.

Consider this:

  • Cyber-crime is growing exponentially. It is well-funded, increasingly nefarious and ever more costly to its victims. The World Economic Forum estimates the current price tag on cyber-crime that can be identified at $500 billion and growing fivefold by 2019.
  • An Osteman Research survey of 540 organizations in North America, the U.K. and Germany reveals that nearly half of them sustained ransomware attacks in the past twelve months.
  • Cyber-crime is simple, accessible, and it works. Most important, it is highly profitable. Market forces rule.
  • There is no mechanism, or even an organized, concerted multi-national plan to thwart the internet's burgeoning black hole of criminality and illusion.
  • The insurance industry is running scared. Spending on cyber-insurance has swelled from $1 billion to $2.5 billion in just two years. With no foreseeable solution there can be no end to this costly trend.

The commoditization of fraud has lead to profound risks at all levels of society – government activities, public and private information, critical infrastructure, business stability and consumer protections are all highly vulnerable. Everything is for sale – not just financial information, but intellectual property, email addresses, healthcare records, even social media accounts. All you need is intent and a TOR browser.

With the digitization of seemingly all of our belongings the threat horizon continues to expand - our appliances, self-driving cars, mobile phones and baby monitors have all become tools for prying and control. As our innovations make life easier they also bring along the potential of greater risk. What is the acceptable tradeoff between privacy and convenience? Cyber-criminals already know the answer, and they have six billion global devices to exploit.

All this gloom does not address the central question of what to do. The root cause is the very nature of the internet itself. It was deliberately designed to be self-managing, and I cannot help but wonder if the current state of affairs is remotely what Tim Berners-Lee expected. It has brought out the worst in (some of) us, coarsened our social fabric, generated mistrust, spread global falsehoods and illuminated the power of easy deception on a substantial portion of a willing and gullible public. Alternately, it has given us extraordinary capabilities to connect with each other, to learn and to infuse efficiencies and opportunities into virtually every corner of our social, personal and professional lives.

With the power of the internet, its very distributedness is both its good and its bad essence. We have an inherently global method to do, and to reach, and therefore to affect each other. As long as that unfettered capability exists, along with those individuals or nation-states with malicious intent, we will continue to wage a long guerilla war against an invisible force of limitless number.

At the core of this observation is recognition of the immutable opportunistic bent hard-wired in the human brain. It has driven our survival and our success since the dawn of time. Fair advantage will always be sought, and rightfully so; it is those that cross the line of acceptablity that have historically been impossible to control.

Nevertheless, without bright minds either changing our basic nature, an unlikely prospect, or finally banding together to find a workable global solution to our internet dilemma (perhaps somewhat less unlikely), I fear we are in for a long slough through an increasingly messy digital world. Mr. Orwell, you could have had no idea...

Back To Blog Stream

Leave a Comment