Ransomware is becoming an extortion industry causing serious concern to the whole world. By linking the links of these crimes, it is known that these are professional industries, which are far away from the rules of organized crime.
Secret network spread in many countries from data theft to ransom
Recently, US President Joe Biden also raised the issue of extradition of cybercriminals at a summit with Russian President Vladimir Putin. In the summit of the G-7 countries, it was also resolved to deal with ransomware groups together.
In a meeting with Joe Biden, Putin gave in-principle consent to this, but he insisted on a two-way extradition treaty. However, the question is, if there is a treaty, who will be extradited and how.
Ransomware is a crime spread across many countries and there is no single main culprit. In addition, different police agencies are involved in this. Ransomware attacks involve various networks of cybercriminals. They live apart from each other. This reduces the risk of arrest. In May this year alone, there were 128 ransomware attacks. In such a situation, it will be interesting to see how America and the G-7 will be able to curb these crimes.
How do ransomware attacks happen?
According to David S Wall, professor of criminology at the University of Leeds, after analyzing some 4,000 attacks between 2012 and 2021, criminals first identify potential victims and break into their networks. The hackers then gain access by obtaining login information.
Upon gaining access, attacking victim organizations move on to the critical data that the theft will cause the most to the victim and collect the ransom. This is the reason why the medical and police records of hospitals remain the target.
watch over recovery
The victim organization is attacked and its access is blocked. Threats are made to make dark web data public so that they will be forced to pay a high ransom. Criminals demand ransom in the form of cryptocurrencies. Which is difficult to detect.
Fast action in one year
Law agencies have stepped up efforts to tackle ransomware criminals over the past year. Ukraine and South Korean police have joined hands to nab the infamous CLOP ransomware gang. After this, Russian citizen Oleg Koshkin was convicted by a US court of running a malware encryption service. Using this, cybercriminals were doing cyber-attacks while avoiding antivirus software.
network of criminals with varying skills
Skilled cybercriminals specialize in varying levels of attack to reduce the risk of being caught. Data brokers sell stolen information to the dark web
From data vendor, ransom intermediary to crime consultant
Dark market vendors provide online marketplaces where criminals send data over the dark web through the Tor network. There are also currency traders converting cryptocurrencies to traditional currency. There are also mediators to negotiate a ransom settlement on behalf of the victim and the offender. Recently gangs and ransomware consultants have also joined.