Yesterday one of Russia’s most aggressive Ransomware hacking groups abruptly vanished from the Internet. This is probably the result of secretive work from the Biden administration, and it’s great news.
The Times article offers this potential downside to the development: “it left some of the group’s targets in the lurch, unable to pay the ransom to get their data back and get their businesses running again.”
But actually that’s great news too. And sorry, but I have no sympathy–none, zero–for businesses that depend on ransom payments to get back online. Their stupidity is the reason we have to deal with ransomware in the first place.
Ransomware has become a lucrative source of income for dangerous state-affiliated hacker groups and nation-states that are shut out of the real world economy. The real solution to the ransomware crisis? The United States should criminalize the payment of digital ransom money–with real, fearsome penalities like jail time for company executives. Paying digital ransom is essentially the same thing as wiring money directly from American businesses to the Russian intelligence services or the North Korean government. It’s an outrage that it happens. If everyone stopped paying, the attacks would stop completely and we could all just move on.