The Resurgence of Ransomware

Stephen Gwon, Contributing Writer

Ransomware, the notorious computer virus that takes over the data of a victim’s device and holds it hostage for a ransom, has seen a recent rise in prevalence since the WannaCry ransomware epidemic, which saw over 181.5 million attacks in 2018. Department of Homeland Security Secretary, Alejandro Mayorkas, reported in a press conference that the rates of “ransomware attacks have increased over the prior year by more than 300 percent” and more than “$350 million in victim funds were paid as a result of ransomware in this past year.”

 Several major institutions have also reported breaches due to ransomware attacks. Universal Health Services, a major US hospital and healthcare service company, had its systems fail due to a ransomware attack in September 2020. In an official statement, the company declared that, while “offline documentation methods” were being used, “user access to technology applications related to operations located in the United States” had to be suspended.

More recently, Babuk, a group of hackers thought to be of Russian origin, claimed to have hijacked the Washington DC Police Department systems with a ransomware attack. In late April 2021, photos surfaced online of the group’s extortion demands of the department. Included with the demands were images of files that contain sensitive information like reports and details on FBI arrests. 

The group, while making no specific monetary demands, threatened to leak stolen information that was downloaded during the breach (Babuk claims over 250 Gigabytes of data were stolen) if no contact was made. They also threatened to leak the identities of police informants, which could potentially have endangered lives. 

The attack on DC Police does not mark the first time the Babuk group’s version of ransomware has hit major establishments, as an additional “five big enterprises” have already been compromised by the malware according to a McAfee technical analysis that was published on February 23, 2021. Mcafee, a prominent cybersecurity company, claimed in its report that one of these five enterprises has already paid perpetrators $85,000 after receiving threats and that the Babuk group is “targeting the transportation, healthcare, plastic, electronics, and agricultural sectors across multiple geographies.”

Unfortunately, it is unlikely that ransomware can be effectively counteracted. Many of the individuals behind these attacks are unlikely to be found. With the rise of popularity in cryptocurrency, many ransomware attackers commonly take advantage of the anonymous transactions of bitcoin and other cryptocurrencies, making financial transactions between the victim and the perpetrator hard to trace. Nevertheless, serious efforts are now being made to fight off these increasingly common ransomware attacks. 

During an event hosted by the US Chamber of Commerce on April 7, 2021, the Department of Homeland Security promised to address the threat. The Department of Justice and Congress began to help with this endeavor as well. Deputy Attorney General Lisa Monaco of the Department of Justice announced the start of a cyber-security review that could last up to 120 days. In the Munich Cyber Security Conference, she stated that “we are launching this week, under my direction, a review of how the department is looking at exactly this set of challenges.” In Congress, legislation is being introduced to help ease the cost of maintaining cyber-security. House Representative Yvette Clarke, who serves as the chair for the House Homeland Security Subcommittee, declared her intent to reintroduce legislation that would “provide state, local, territorial and tribal governments with $500 million annually to combat cyber-attacks.”

Despite the promises for increased effort to challenge the rise of ransomware attacks, however, the swiftness of the government’s response could ultimately be the deciding factor for how much damage this threat can inflict.