Ransomware reveals the hidden weakness of our big tech world

The flaws we have long overlooked are the ones that ransomware has exploited to brutal impact.
Written by Steve Ranger, Global News Director

Ransomware continues to cause damage across the world. Rarely a week goes by without another company, or city, or hospital, falling prey to the gangs who will encrypt the data across PCs and networks and demand thousands or millions in exchange for setting it free.

These aren't victimless crimes; every successful attack means a company faces huge costs and risks being pushed out of business, or public services disrupted just when we need them, or medical services put in jeopardy in the middle of a crisis.

And yet it seems impossible to stop the attacks or catch the gangs. That's because the ongoing success of ransomware reflects many of the real-world failings of technology that we often forget or gloss over.

SEE: Network security policy (TechRepublic Premium)

There are obvious, fundamental weaknesses that ransomware exploits. In some cases these are problems that have existed for years, that the tech industry has failed to address; others are issues that are, right now, beyond the skills of the smartest entrepreneurs who want to tackle cybersecurity challenges.

A few examples spring to mind. Hackers would be unable to gain even their first foothold if companies took security seriously. That means applying patches to vulnerable software when they are issued, not months or years later (or never). Equally, companies wouldn't be on the tedious treadmill of applying constant security updates if the tech industry shipped software code that was secure in the first place.

And while we tend to think of the borderless world of the internet, the real world of geopolitics looms large when it comes to ransomware as many of these gangs operate from countries that have no interest in catching such crooks or handing them over to police in other jurisdictions. In some cases that's because the ransomware gangs are bringing in much needed funds for the country; in other cases so long as the gangs aren't going after local victims, the authorities are quietly happy for them to create havoc elsewhere.

It's not all doom and gloom; the fight back against ransomware is advancing on a few fronts.

Intel has showcased some new hardware-level technologies that it says will be able to detect a ransomware attack that antivirus alone might miss.

SEE: Cybersecurity: This 'costly and destructive' malware is the biggest threat to your network

A group of tech companies including Microsoft, Citrix and FireEye are working on a three-month project to come up with options that they promise will "significantly mitigate" the ransomware threat by identifying different ways of stopping such attacks. And more political pressure should be put on the nation states that are happy to let ransomware gangs flourish within their borders.

There is also a need to put more pressure on governments to look at whether, and in what circumstances, it should be acceptable to pay the ransom at all. Profit is the only reason that ransomware exists; if it is possible to stop the gangs from making their big payday, then the problem goes away almost immediately.

Everyone seems to agree that ransomware is a menace that can no longer be ignored. Now we need to see some tangible progress before these attacks create more chaos.


Editorial standards