Hacking: start of a new war
AMASSIVE cyber-extortion attack known as “WannaCry” wrought havoc across the globe last week, taking out much of Britain’s National Health Service and, in a delicious bit of irony, the Russian Interior Ministry.
The attack was a long time coming, representing the inevitable merging of two plagues that have long ravaged the internet: the invention of programs that can rapidly infect digital systems and the rise of internet crime. Without action, WannaCry represents just the first of what will undoubtedly be a long nightmare of self-propagating criminal attacks.
The first internet plague arose in 1988 when a small program, written by computer scientist Robert Morris jr, escaped. This program, clearly written as an interesting experiment, ran on a single computer and, from there, attempted to contact other computers. Once it found another computer it attempted to exploit the victim using one of several vulnerabilities. Exponential growth caused it to spread quickly to all vulnerable systems on the internet.
The second plague crept up on us more subtly in the form of criminals seeking to make money. From spammers hawking Viagra to online bank robbers seeking to take control over corporate accounts, this plague is organised crime that doesn’t care much about the damage done as long as it makes money. One particularly vile criminal strain involves ransomware: malicious programs that encrypt a victim’s files and demand money to access them.
The ransomware epidemic is fuelled by multiple factors, most notably the presence of both online criminal communities enabling specialisation and Bitcoin. Criminal communities enable specialisation. Somebody good at coding can write a ransomware framework and sell it to someone who’s good at attacking computers. Many of these communities are Russian, as Russia has a long history of sheltering cyber-criminals who don’t attack Russian interests.
WannaCry is simply the merging of these two plagues. Dealing with such worms is a technical problem – one that researchers have and will continue to focus on.
There is a potential, however, to disrupt payments. In the past, cyber- criminals used Liberty Reserve until the US government shut it down and arrested its founder for money laundering. This proved a substantial blow to the criminal underground.
Likewise, ransomware actually looked poised to take off earlier with payments through Green Dot MoneyPak and similar networks, but pressure from the Treasury Department has stifled the cash-out network. That leaves Bitcoin as the only game in town for those wanting to conduct cyber-extortion at scale.
Perhaps it is time for the US to actually take meaningful action against Bitcoin. For non-criminal transactions, Bitcoin is decidedly inferior to all the alternatives, as it is expensive, cumbersome and surprisingly slow. Bitcoin’s only “superiority” over other electronic payment systems is its censorship resistance. There is no central authority that can say “thou shalt not”. Thus, it is only superior for criminal uses such as drug deals or extortion.
There is also a possibility for a technical solution – clogging the Bitcoin network with spam transactions.
Unless something can be done about the presence of payments through criminal-friendly Bitcoin or other means, we can only expect these two merged plagues – the crimeware worms – to continue to create chaos. – The Washington Post
Weaver is a computer security researcher at the International Computer Science Institute in Berkeley, California.