
Anatomy of Ransomware Crimes – Part II


Charging individual hackers with crimes rarely works because so many operate outside the reach of U.S. law enforcement.

By Nazarul Islam

Retaliation is the lodestone of any deterrence strategy. The question is whom to strike back against, and how hard.

Charging individual hackers with crimes rarely works because so many operate outside the reach of U.S. law enforcement. Eastern European governments have been particularly unwilling to stop cybercriminals from operating within their borders.

Economic sanctions are another tool — but they have yet to push Russia to deal with its local ransomware groups such as DarkSide and REvil. Other countries directly support such criminal activity; North Korea notoriously uses an army of cybercriminals to raise money for the totalitarian regime.

To raise the stakes for its adversaries, the United States could launch online counterattacks on a hacking group or its host country. Retaliatory measures could become more severe when ransomware jeopardizes public safety or access to necessities like healthcare, food and gasoline.

This appeared to be what Biden was seeking to convey during his June meeting with Vladimir Putin, when he handed the Russian president a list of 16 critical infrastructure sectors that Biden declared off-limits.

Such resolve must be backed up by more than words. For deterrence to be credible, the U.S. needs to send clear signals that it is prepared to retaliate proportionately — especially if state-sponsored hackers take down a power grid or disrupt the operation of a dam. Under international law, such actions are considered “use of force” against another country, and that puts a military response on the table.

Some experts argue that private companies also should have the right to counterattack. Among the provocative ideas is reviving congressionally issued letters of marque, permits given in the 18th century to merchant ships to search out pirates and take back stolen assets by force.

A modern version would incentivize corporations to act as “cyber scouts” and share information with U.S. agencies in return for some immunity from fines and protection against lawsuits. A “hack back” bill introduced in Congress in 2019 would have gone further, allowing the private sector to use hacking tools against cybercriminals in the name of “active defense.”

These policies could, however, create more danger than they prevent. Ransomware attacks are frequently misattributed in the days after they become public. Private parties could unintentionally start an international conflict or escalate existing tensions. But the fact that these ideas are being taken seriously speaks to how recent approaches have fallen short.

Another way to deter ransomware attacks would be to deny hackers any gains from their successes. Regularly backing up data and exercising recovery can help, but it is not foolproof. The FBI advises against paying ransoms, but there is no consensus on whether banning ransom payments outright makes sense.

When ransoms are paid, the same digital ledger technology that powers bitcoin, ethereum and other cryptocurrencies can aid efforts to follow the money. For instance, the FBI watched DarkSide transfer its Colonial ransom haul across digital accounts, then moved in to seize about half the ransom, roughly $2.3 million. In addition, law enforcement agencies can try to make it harder to use cryptocurrencies to launder ransoms or purchase illicit goods.

Just two months after the Colonial Pipeline shutdown, another group of hackers stole sensitive data from Saudi Aramco — the largest oil company in the world — in an attempt to extort $50 million. That reflects the pernicious nature of the problem: left unabated, the scourge of hacking for ransom will extract ever-larger costs and cause wider disruptions that threaten our economic and national security.

The United States cannot rely on a passive, defensive strategy. Deterrence will require undermining everything that makes ransomware attractive by making it harder for hackers to profit — and quickly striking back against those who try.

The Bengal-born writer Nazarul Islam is a senior educationist based in the USA. He writes for Sindh Courier and the newspapers of Bangladesh, India and America. He is the author of a recently published book ‘Chasing Hope’ – a compilation of his 119 articles.