Let's talk about the geopolitical implications of the ransomware crisis, why additional money launder rules won't solve anything, and how a blanket cryptocurrency ban is the inevitable solution. (1/) 🧵
Since the early dotcom era there was always been a criminal element looking to profit from insecure software for their own gain. Ransomware has existed long before crypto, it just wasn't generally profitable or scalable. (2/)
What is new is that what was a once a small fire has had gasoline poured on it and turned into an uncontrollable blaze ripping across our most critical infrastructure Our hospitals, power grids, local governments and soon I fear much worse. (3/)
stephendiehl.com/blog/ransomwar…
stephendiehl.com/blog/ransomwar…
And this is all because this cyberpandemic was left to metastasise by the last US administration's inaction and "wait and see" attitude on cryptocurrency that has left society in this vulnerable position. (4/)
Cryptocurrency didn't just revolutionise ransomware, it created an entire nitro-fueled economic engine around it.
Ransomware gangs are now operating more like unicorn tech companies and siphoning off hundreds of millions in revenue from victims. (5/)
marketwatch.com/story/ransomwa…
Ransomware gangs are now operating more like unicorn tech companies and siphoning off hundreds of millions in revenue from victims. (5/)
marketwatch.com/story/ransomwa…
These gangs have a corporate structure with VPs, Product Managers, Human Resources, KPIs and standups just like any other tech company. The banality of evil is on full display in how normalized it is to extort hospitals and COVID labs. (6/)
moneylaundering.com/wp-content/upl…
moneylaundering.com/wp-content/upl…
And for every big-game corporate ransom that gets paid, it just creates 10 more ransoms of ever-increasing size, efficacy and frequency. (7/)
cybernews.com/security/how-w…
cybernews.com/security/how-w…
In 2020 ransomware attacks were up over 150% over the previous year, and 2021 has only seen that count and the size of ransomware demands explode exponentially. We're in a pandemic now. (8/)
hbr.org/2021/05/ransom…
hbr.org/2021/05/ransom…
In an economy like Russia, which has drawn the short straw of history so many times in the last century, these are life-changing job that drawing in best cybersecurity talent just like Google or Netflix would. These are clever people who are very good at what they do. (9/)
When we have $10m+ big-game ransoms payed every other week by half a dozen S&P500 companies, all split across five or six people in the ransomware gang that's a very lucrative profession and makes a lot of economic sense for people living in an authoritarian regime. (10/)
That's enough money to buy your way out of the country and resettle your family in Europe if you play your cards right. Important not to forget that ransomware criminals are real people living under an oppressive authoritarian regime. (11/)
And for every company that pays these ransoms it only increases the realisable size of future ransomware demands and incentives even more growth. The gangs can take that money and recruit another dozen people to scale out their enterprise just like a startup would. (12/)
We're at like the Series A funding level of ransomware sector. And I don't want to see what happens when we get to multibillion dollar ransomware demands against our nuclear arsenal and power grid, but we're heading there pretty fast. (13/)
https://twitter.com/EamonJavers/status/1403094483676319745
From the US (and G7 generally) the only sustainable solution is not to pay, but that's an impossible ask for companies which have to weigh the cost of recovery against the ransom cost and which is most often strictly less than paying the hackers. (14/)
Even if it was made illegal to pay the ransomware, multinationals would just have their foreign offices pay it or lobby the government to lift the ban. (15/)
Controlling the flow of extortion payments is also unlikely to do anything. Even if every nation in the G7 added insanely strict AML provisions across all their domestic cryptocurrency exchanges (which they totally should do anyways) it wouldn't change the dynamics. (16/)
Ransoms are payed via offshore security consulting companies (often in Malta) that prebuy their crypto over the counter and then bill their clients in dollars for "services" and then pay the ransom on their behalf. Rarely is the company even exchanging dollars on-demand. (17/)
On the opposite side we have absolutely no sway over Russian exchanges trading BTC/RUB pairs or Russian banks keeping illicit transactions off the books. That's far outside the reach of the US and it's a notoriously opaque "jurisdiction" (and I use the term very loosely). (18/)
True that extorted Bitcoin can be tracked, but that means little if the tainted coins only flow between criminals, they just trade at a discount and effectively operate as an uncensorable settlement network for entities that are under UN sanctions. There's a market for that.(19/)
And crypto could very well form the de facto channel for countries not aligned with the rules-based international order to route around US dollar restrictions and circumvent sanctions entirely. We see North Korea doing that today. (20/)
Especially so once tens of billions of extorted funds are sloshing around fueling the fastest growing tech sector in sanctioned countries. And that kind of dark crypto shadow banking is certainly not in the geopolitical interests of the United States or our NATO allies. (21/)
The elephant in the room is cryptocurrency, why are we letting a technology whose benefits are purely illusory and has no clear use case other than gambling and extortion a free pass when it's reaching the level of a national security crisis?
This is insane. (22/)
This is insane. (22/)
Cryptocurrency exchanges need to be brought to heel, they are dangerous unregulated casinos operating in a Wild West environment that provides nothing to society that couldn't be done better in other ways and extracts from all of society for their continued existence.
/fin
/fin
• • •
Missing some Tweet in this thread? You can try to
force a refresh
