WASHINGTON D.C. — It’s 2020, bitter cold outside, you’re running late for work, and the Linux box that controls your car isn’t going to start unless you wire $20 worth of Bitcoin to an increasingly business-like criminal enterprise operating out of Eastern Europe.
Of course it’s not 2020. And to date there’s been no public instance of ransomware – let alone regular malware – targeting the onboard operating system of an automobile. However, in a panel discussion at Georgetown Law’s “Cybercrime 2020: The Future of Online Crime and Investigations” conference this morning, Dino Dai Zovi, “Hacker in Residence” at the New York University Polytechnic School of Engineering, reasoned that if the price were low enough, nearly anyone would pay to unlock their car.
To this, Michael Stawasz, the panel’s moderator and the deputy chief of the Computer Crime & Intellectual Property Section (CCIPS) at Department of Justice, wondered aloud if there would come a point where his refrigerator was pinching him for $.25 every time he tried to make a sandwich.
Indeed the panel agreed that ransomware is likely the future of cybercrime, at least as far as consumers are concerned.
“I think we are going to see ransomware scale well in the Internet of things,” Dai Zovi said. “It’s already targeting networked storage.”
Martin Libicki, senior management scientist at RAND Corporation explained that so much of the cybercrime world is presently focused on converting information into money. When a payment processor at a retail location is compromised, in order to actually make money, the criminals then not only have to transfer that information away from the retailer but they also have to find a way of actually withdrawing money from those corresponding bank accounts or credit lines. Under the current system in the U.S., criminals are getting more efficient at translating data into money. However, the panel agreed, this will become more difficult as banking security becomes more sophisticated and as more secure payment forms like EMV become the norm.
Contrast that with a simple, two-step ransomware scheme, which encrypts or locks a machine and demands direct payment to decrypt it or unlock it, and crypto and locker malware starts to seem immortal.
As a caveat, Libicki forecasted that someone somewhere would certainly come up with a new way of monetizing information that no one in the panel, audience or world could possibly predict today. This, he said, is why it’s so hard to say what cybercrime will look like in the year 2020.
Libicki later reasoned that it’s a wonder that so little ransomware attacks take place today. Moving away from consumer threats, he noted that the Iranians and the North Koreans seem to enjoy bricking computers. Bricking and ransomware are by no means the same, in that the former simply destroys machines while the latter renders one useless unless the user is willing to pay a fee. However the two attacks are similar in principle, in that they offer criminals the leverage of denying their victims’ access to the machines on which they rely – either permanently or temporarily.
Rick Howard, the CSO of security firm Palo Alto Networks followed Libicky’s train of thought. He predicted that ransomware is also likely to become a favorite tool among hacktivist groups, merely seeking to disrupt operations or gain leverage in order to affect change.
Howard further hammered the efficacy of ransomware, saying that the cybercrime business model is deeply concerned with customer service. Contrary to what many experts say and recommend, Howard said that ransomware perpetrators are very good at restoring service for any victims that decide to pay the ransom.
“Ransomware is the future; it’s is going to touch the consumer hard,” Howard said. “Banks cover credit card fraud. Just wait until [criminals] start poking you for $20 per month.”
In reality, ransomware has already impacted the consumer in a deep way — some six years before the future-date envisioned by the panelists. The CrytpoLocker malware garnered heavy media attention earlier this year, and the opening remarks from the panel’s final member, Andrew Bonilla, the director of cybersecurity and public safety at Verizon Business, could suggest exactly why CryptoLocker was so exigent.
“Every high-level instance of cybercrime has a street-level component at some point,” Bonilla explained. “When you start to put a face to cybercrime it starts to make a difference. We need to be able to see who and what is affected and who is responsible for it.”
Photo courtesy of Wikipedia user:Postdlf licensed under creative commons