Skip to Main Content

Strategic Business Insights (SBI) logo

Internet of Things August 2021 Viewpoints

Technology Analyst: David Strachan-Olson

Ransomware Crackdown

Recent ransomware attacks against large companies with critical national interests have spurred new efforts to stop ransomware criminals. The US DOJ plans to increase the seriousness of investigations into ransomware, and some stakeholders are calling for governments to clamp down on cryptocurrencies to make receiving payments anonymously more difficult for attackers.

Description

Ransomware attacks have been a nuisance to organizations for years but are increasing in frequency and severity. Attackers are now going after critical infrastructure, which can negatively affect entire nations. A ransomware attack against Colonial Pipeline resulted in the six‑day closure of an oil pipeline that serves significant portions of the southeastern United States. An attack against JBS, a meat‑processing company that supplies approximately 20% of meat globally, resulted in the temporary disruption of a number of meat processing facilities in the United States, Canada, and Australia. In both cases, the companies paid the attackers millions of dollars of ransom for decryption keys.

The national impacts of these attacks have triggered an aggressive response from the United States government. The US Department of Justice (DOJ) will start treating some ransomware attacks as acts of terrorism and use investigatory tactics it typically reserves for domestic and foreign terrorists. Using a new ransomware task force that will coordinate all investigations, the DOJ plans to go after the entire criminal ecosystem that surrounds ransomware, such as hosting services, cryptocurrencies, and botnets. At the same time, a number of security experts are suggesting that governments begin to crack down on cryptocurrencies because they provide a mechanism for attackers to receive payments while remaining anonymous. If attackers had to use traditional transaction and banking infrastructure, international law enforcement could track payments and identify attackers much more easily.

Implications

Ransomware attacks are likely to increase in the near term. A 2021 report from the cybersecurity firm SonicWall notes a 62% increase in ransomware attacks worldwide from 2019 to 2020 and a 158% increase in ransomware attacks in North America over the same period. Two major attacks against large companies within the same month should put all corporate cybersecurity teams on notice. Interestingly, reports indicate that in both cases the companies under attack chose to halt operations even though the attackers did not compromise the IoT systems necessary for operating facilities and infrastructure. Instead, the companies halted operations while they evaluated the severity of attacks, which impacted other parts of their businesses. Future attacks might target connected systems explicitly to cause disruption and chaos in factories and with infrastructure until the victims agree to pay a ransom.

Although stakeholders typically think of ransomware as a problem to solve with better cybersecurity practices, actions by governments to go after payment networks could prove effective. Without a reliable way to receive payments anonymously, attackers would likely decrease the frequency of ransomware attacks, even absent dramatic improvements in cybersecurity practices. However, companies and governments still need to concern themselves with nation‑state attacks that could take critical national infrastructure offline.

Relevant Areas to Monitor

  • Cybersecurity

    Cyberattacks are increasing in frequency and severity. Networked cyber-physical systems require extensive security measures, because attacks against such systems could cause significant damage. Hackers constantly find new vulnerabilities; therefore, organizations must continually monitor and improve their systems.

  • Industry 4.0

    Industry 4.0 leverages machines, parts, and services that exchange data and self-configure to support dynamic, agile, and efficient manufacturing processes. Stakeholders expect Industry‑4.0 to revolutionize manufacturing and industrial practices to create self-sufficient systems, but challenges could limit progress.

Impact Scale

On a scale of low, medium, or high, the anticipated level of impact for this topic is: High.

Impact Timing

On a scale of now, 5, 10, or 15 years, the anticipated impact timing for this topic is: 5 years.

Opportunities in the Following Industry Areas

  • All industries

Relevant to the Following Explorer Technology Areas