Ransomware gangs are suddenly everywhere, seemingly unstoppable – and very successful.
They have the sort of names that only teenage boys or aspiring Bond villains would dream up (REvil, Grief, Wizard Spider, Ragnar), they base themselves in countries that do not cooperate with international law enforcement and they don’t care whether they attack a hospital or a multinational corporation. Ransomware gangs are suddenly everywhere, seemingly unstoppable – and very successful.
In June, meat producer JBS, which supplies over a fifth of all the beef in the US, paid a £7.8m ransom to regain access to its computer systems. The same month, the US’s largest national fuel pipeline, Colonial Pipeline, paid £3.1m to ransomware hackers after they locked the company’s systems, causing days of fuel shortages and paralysing the east coast. “It was the hardest decision I’ve made in my 39 years in the energy industry,” said a deflated-looking Colonial CEO Joseph Blount in an evidence session before Congress. In July, hackers attacked software firm Kaseya, demanding £50m. As a result, hundreds of supermarkets had to close in Sweden, because their cash registers didn’t work.
The gangs – criminal enterprises that hack into internet-connected computer systems, lock access to them, and then sell a decryption key in exchange for payment in bitcoin – have targeted schools, hospitals, councils, airports, government bodies, oil pipelines, universities, nuclear contractors, insurance companies, chemical distributors and arms manufacturers. Hackers haven’t targeted air traffic controllers yet, but some believe that it’s only a matter of time.