Cyberattack: Five hundred percent increase in recovery cases during the pandemic, a new internet is needed


There is no doubt that we are also in the midst of a digital epidemic of ransomware attacks. The recent ransomware attacks on Colonial Pipeline and JBS USA Holdings Inc., the world's largest meat processors, underscore the growing trend of organized attacks on critical targets and our chronic inability to defend against them. In such a situation, we need a new internet because the old one has collapsed.

origin of the internet

Today's Internet is a product of the Advanced Research Projects Agency Network (APRANet) in the late 1960s, a group of research institutions linking military, political, and industrial threads in the US during the Cold War. Its purpose was to facilitate secure communication in times of conflict and to facilitate research and development through the electronic sharing of information. It was a closed, tightly controlled, highly secure network that could only be joined by invitation. The invention of the World Wide Web (WWW) by Tim Berners-Lee in 1990 led to the establishment of the browser-based Internet as we know it today.

WWW introduced and advocated an open, inclusive, universal, and unrestricted mode of communication with each other. It introduced the notion of hyperlinks that a user simply clicked could go to a new web page on a different network. It was the beginning of an uncontrolled, user-driven, content-filled Internet. The paradox of the Internet is that it originated, developed, and exists in an environment where its control and access have often been associated with tension and conflict.

Ransomware Rise

Cybercrime is a growing, highly successful, and profitable industry. The industry estimates that the cost of cybercrime will reach US$10.5 trillion by 2025, growing at a rate of 15 percent per year. The world's third-largest "economy" after the US and China. A big part of this is ransomware. It performs multi-pronged attacks by capturing the data and systems of any organization. Since the start of the pandemic, ransomware attacks have increased by almost 500 percent.

Average ransom payments have also continued to climb during this period, increasing 43 percent from the last quarter of 2020 to an average of more than USD 200,000. What is particularly insidious about these attacks is that ransom demands are often accompanied by the capture of company data and demanding a ransom in return for it. After receiving the ransom, the matter does not end here, threatening to release this data and demanding additional payment.

In the first quarter of 2021, more than three-quarters of ransomware attacks were linked to this type of threat

The criminals have also settled fast. The recent attack on Colonial Pipelines by hacker group Darkside is an example. Criminal groups have created virtual organizations and developed special strategies that select specific sectors and companies to attack. They have infinite resources, skill, and patience. They are playing a long game where the target is first identified, then carefully scrutinized and hit only when the maximum amount can be drawn.

CNA Financials was attacked in late March, and a record ransom of US$40 million was collected. The hackers gained access to CNA's client database. He thus wanted to blackmail the company as well as identify customers who had bought cyber insurance to protect against ransomware-like attacks. By doing this he wanted to find targets for the next attack. Darkside is also selling ransomware packs to other hackers and is turning out to be a huge profit-making service as service.

new old internet

The US government has started efforts to deal with these attacks. US President Joe Biden has instructed federal agencies to use all their resources to deal with digital disruptions. A set of mandated rules is being developed by the Department of Homeland Security on how the pipeline and other infrastructure providers can protect their assets. However, this in itself will not be sufficient and the attackers will be difficult to stop. So an intranet—a closed, proprietary network—could be the key to solving this threat.

We expect a new Internet to emerge with two different sides. On one hand, we will have a completely unfiltered, minimally regulated, Wild West Internet that anyone can access. On the other hand, we will probably see "worldwide intranets" evolve, which are widely accessible as well as tightly controlled websites with tight access controls to prevent criminal activity, much like closed corporate intranets. Like the one that gained popularity two decades ago.

Large online merchants such as Amazon, the government, health care providers, or other large organizations will no longer tolerate criminal attacks on themselves and their stakeholders' data and resources. As security measures such as multi-party authentication are developed, they will be rapidly adopted by these organizations and given to consumers as a condition of access.

As a society, we accept controls when the cost of not having them exceeds the restrictions they impose. We see this trend as an inevitable consequence of increasing security threats affecting not only networks but also the individuals transacting with them.

By 2025, the world will store 200 zettabytes (one billion gigabytes) of data. With the increase in transactions, we have no option but to strengthen identity and access control. In this case, one path may lead to an open but risky Internet and the other to a closed, controlled, regulated web where security and privacy prevail.