July 10, 2021

Ransomware: Stop Blaming Russia And Tackle The Real Villains - Cryptocurrencies

Ransomware attacks continue to disrupt many businesses. Earlier this month an attack through Kaseya VSA, a remote management software product, disabled several managed service providers and some 1,500 of their customers. Their data was encrypted and will only be restored if they pay the demanded ransom.

Such attacks are increasing because they are easy to do and carry little risk. The basic platforms for specific attacks can simply be rented from underground providers:

"I think what most people think about when they think of a stereotypical hacker is somebody that's in-depth into coding," the officer said. "It has changed now in that it used to be that you had to be very technically adept to be a hacker, but the way the cyber market or cyber underground has evolved is a lot of those things have become services now."

The industry has diversified, he said.

"Those network attackers, instead of profiting themselves, are now renting out their services and their expertise to others and that's where we see this amplification," the officer said. "It's others renting out the services now. It unlocks another class of folks that can be opportunistic and take advantage of bad cyber hygiene."

Some of the rentable ransomware services, like REvil, are run by Russian-speaking groups. But that does not mean that the people who use them are from Russia or that the attacks are launched from Russian soil. The last big bust that hit the command and control servers of the alleged 'Russian' Emotet cyber crime service took place in the Ukrainian capital Kiev. While those criminals spoke Russian, they were neither Russians nor was Russia involved at all.

Despite that, U.S. media blame all recent attacks on Russia and use them to push the Biden administration to respond by attacking the Russian nation.

Setting the tone in this is the New York Times and its warmongering White House and national security correspondent David Sanger. On Wednesday he wrote Biden Weighs a Response to Ransomware Attacks, which he topped on Friday with Biden Warns Putin to Act Against Ransomware Groups, or U.S. Will Strike Back.

Those headlines and pieces are misleading in that they set expectations which the Biden administration is for good reasons unwilling or unable to deliver on.

The first piece, for example, says:

Mr. Biden is under growing pressure to take some kind of visible action — perhaps a strike on the Russian servers or banks that keep them running — after delivering several stark warnings to Moscow that he would respond to cyberattacks on the United States with what he has called “in-kind” action against Russia.

The 'growing pressure' consists of Sanger's own write-ups. The piece then quotes a number of anti-Russian hawks who suggest some very unreasonable 'retaliation options':

Dmitri Alperovitch, a founder of the cybersecurity firm CrowdStrike, and now the founder of the Silverado Policy Accelerator think tank, has argued that until Mr. Biden moves to cut significantly into Russia’s oil revenue, he will not get Mr. Putin’s attention.
In recent days, however, a growing number of experts have argued that the United States is now facing such a barrage of attacks that it needs to strike back more forcefully, even if it cannot control the response.

“You don’t want escalation to get out of control, but we can’t be so afraid of that that we bind our own hands,” Mr. Painter said.

William Evanina, who recently left a top counterintelligence post in the U.S. government and now advises companies, said he would advise Mr. Biden “to be bold.”
If Moscow wanted to stop Russia’s cybercriminals from hacking American targets, experts say, it would. That is why, some Russia experts argue, the United States needs take aim at Russia’s kleptocracy, either by leaking details of Mr. Putin’s financials or by freezing oligarchs’ bank accounts.

“The only language that Putin understands is power, and his power is his money,” said Garry Kasparov, the Russian chess grandmaster and a Putin critic. “It’s not about tanks; it’s about banks. The U.S. should wipe out oligarchs’ accounts, one by one, until the message is delivered.”

Sure, let's blow up the international banking system by manipulating the accounts of private Russian citizens, even though we do not even know whether the criminal cyberattacks are run by Russians or from Russia.

The lede to Sanger's most recent piece is likewise dripping with belligerence:

President Biden warned President Vladimir V. Putin of Russia on Friday that time was running out for him to rein in the ransomware groups striking the United States, telegraphing that this could be Mr. Putin’s final chance to take action on Russia’s harboring of cybercriminals before the United States moved to dismantle the threat.

In Mr. Biden’s starkest warning yet, he conveyed in a phone call to Mr. Putin that the attacks would no longer be treated only as criminal acts, but as national security threats — and thus may provoke a far more severe response, administration officials said. It is a rationale that has echoes of the legal justification used by the United States and other nations when they cross inside another country’s borders to rout terrorist groups or drug cartels.

Sure, U.S. special forces will parachute into Moscow to nab some cybercriminals who may or may not be there.

The warning that Sanger implies Biden made was never given. Biden himself is quoted in the next paragraph (emphasis added):

“I made it very clear to him that the United States expects, when a ransomware operation is coming from his soil, even though it’s not sponsored by the state, we expect them to act if we give them enough information to act on who that is,” Mr. Biden told reporters.

There is the crucial point. The U.S. does not know who made those attacks or where they were actually controlled from. It has not given Russia any names or evidence that Russia could act on. The Kremlin readout of Biden's call with Putin explicitly makes that point:

In the context of recent reports on a series of cyberattacks ostensibly made from Russian territory, Vladimir Putin noted that despite Russia’s willingness to curb criminal manifestations in the information space through a concerted effort, no inquiries on these issues have been received from US agencies in the last month. At the same time, considering the scale and seriousness of the challenges in this area, Russia and the US must maintain permanent, professional and non-politicised cooperation. This must be conducted through specialised information exchange channels between the authorised government agencies, through bilateral judicial mechanisms and while observing the provisions of international law.

The leaders emphasised the need for detailed and constructive cooperation in cybersecurity and for the continuation of such contacts.

Russia has long suggested setting up deeper talks and a treaty on cybersecurity issues. In a short exchange with the media, President Biden said that meetings about this will now take place:

Q: Sir, what are the consequences for Putin if he does not step up against cyberattacks?

THE PRESIDENT: Well, we set up a committee — joint committee. They’re meeting on, I think, the 16th. And I believe we’re going to get some cooperation. Thank you.

Q: Mr. President, what do you expect President Putin (inaudible) — what do you expect him to do? What are those actions?

THE PRESIDENT: It’s not appropriate for me to say what I expect him to do now. But we’ll see.

Those responses seem far from the belligerence the NYT's Sanger tries to convey.

The problem of crippling ransomware attacks will only increase and blaming Russia for them will not change that fact. The most basic tool that enables such criminal cyberattacks is the exchange medium through which ransom payments are made:

Let me paint a picture of a bleak future, that seems to be racing towards us much faster than the public may know about. It’s a future in which ransomware and mass data theft are so ubiquitous they’ve worked their way into our daily lives.
[W]hat is new is that the level of these attacks has gone parabolic in the last few years because of one simple fact. With the addition of bitcoin to the problem it’s insanely profitable, low-risk, and almost the perfect crime. It’s also a very real economic tool that nation states can use to disrupt each other’s infrastructure.

The singular reason why these attacks are even possible is due entirely to rise of cryptocurrency. Consider the same situation on top of the existing international banking system. Go to your local bank branch and try to wire transfer $200,000 to an anonymous stranger in Russia and see how that works out. Modern ransomware could not exist without Bitcoin, it has poured gasoline on a fire we may not be able to put out.

It is not only Bitcoin but also a number of other cryptocurrencies that have no real justification to exist. But there are transition points between real money and cryptocurrencies, in both directions, where the problem can be tackled:

Cryptocurrency exchanges are the channel by which all the illicit funds in this epidemic flow. And it is the one channel that the US government has complete power to rein in and regulate. The free flow of money from US banks to cryptocurrency exchanges is the root cause of this pandemic and needs to halt. Through sanctions, control of the SWIFT network, and our allies in NATO the federal government has all the tools to put a stop to these illicit flows. Nothing of value would be lost by shutting off the spigot of dark money and darknet trade. Cryptocurrencies are almost entirely used for illicit activity, gambling and investment frauds, and on the whole have no upside for society at large while also having unbounded downside and massive negative externalities.

A shutdown of cryptocurrencies would remove the safe payment medium that criminal ransomware attackers currently use. All other payment methods require some physical interaction or in-person verification. Using those would increase the risk for cyberattackers immensely.

The good news is that the Biden administration has caught on to this. Last week the Deputy National Security Advisor for Cyber and Emerging Technology, Anne Neuberger, remarked on it:

Neuberger described the Administration’s ransomware strategy which includes several lines of effort: disruption of ransomware infrastructure and actors by working closely with the private sector; international cooperation to hold countries who harbor ransom actors accountable; expanding cryptocurrency analysis to find and pursue criminal transactions; and the federal government’s review to build a cohesive and consistent approach towards ransom payments.

A background briefing about yesterday's Biden-Putin call also touched on this:

This is more than just a conversation that’s taking place between the two leaders, President Biden and President Putin. This is really about our own resilience, as a nation, in the face of these attacks, and strengthening that. That’s what the cybersecurity executive order was largely about.

It’s about addressing the challenges posed by cryptocurrency, which provides fuel for these sorts of transactions.

A ransomware attacker may sit in Kyrgyzstan, use a Swiss proxy network to access rented servers in Canada from which a ransomware cyberattack is launched, using tools that were developed in Estonia but are managed from Spain. There are ways and means to hide such routes and to fake the nationalities involved. To then blame Russia or any other country for such attacks, or to threaten a response against nation state assets, is warmongering nonsense.

The Kaseya VSA attack shut down 800 local food shops of the Swedish chain Coop for over a week. Millions of people were affected by that in their daily lives. With more and more information technology involved in our daily lives, we no longer have the ability to avoid ransomware attacks and their consequences.

What can be done is to disable the cryptocurrency payment channel that is used by attackers with little to no risk. While this may not completely solve the problem of widespread ransomware attacks it will at least make it more manageable.
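The 'transition point' argument above, and Neuberger's line about "expanding cryptocurrency analysis to find and pursue criminal transactions", both rest on one property of Bitcoin: the ledger is public, so a ransom payment can be followed from the attacker's receiving address forward, spend by spend, until the coins land at an address that belongs to an exchange. That deposit is the moment the attacker has to touch the regulated system. The tracer below is an added example written for this page; it is not code from the original post or from any chain-analysis product. The transactions, addresses and exchange labels are constructed, and the "haircut" taint rule (each output inherits taint in proportion to the tainted share of its transaction's inputs) is one common heuristic among several.

```python
"""Follow ransom funds forward through a Bitcoin-style transaction graph
until they reach an address labelled as belonging to an exchange.

Everything here is constructed for illustration: the transactions, the
addresses and the exchange labels are made up, not real chain data."""
from typing import Dict, List, NamedTuple, Set, Tuple

Outpoint = Tuple[str, int]            # (txid, output index) of a spendable output


class Tx(NamedTuple):
    txid: str
    inputs: List[Outpoint]            # outputs being spent; [] for an external funding tx
    outputs: List[Tuple[str, float]]  # (address, value in BTC)


class CashOut(NamedTuple):
    txid: str
    address: str
    label: str                        # entity the address is attributed to
    tainted: float                    # BTC traceable to the ransom payment
    hops: int                         # transactions between ransom receipt and cash-out


# Constructed ledger: a victim pays 75 BTC to the ransom address, the operator
# peels small amounts into exchanges while the change keeps moving to fresh
# addresses (a "peel chain"), then blends the remainder with clean coins.
SAMPLE_TXS = [
    Tx("t0", [], [("ransom_addr", 75.0)]),
    Tx("t1", [("t0", 0)], [("peel_1", 5.0), ("chg_1", 70.0)]),
    Tx("t2", [("t1", 1)], [("exch_dep_A", 10.0), ("chg_2", 60.0)]),
    Tx("t3", [("t1", 0), ("t2", 1)], [("hop_addr", 65.0)]),
    Tx("t4", [("t3", 0)], [("exch_dep_B", 20.0), ("chg_3", 45.0)]),
    Tx("t5", [], [("clean_src", 100.0)]),                       # unrelated, clean coins
    Tx("t6", [("t4", 1), ("t5", 0)], [("exch_dep_A", 145.0)]),  # mixed deposit
]
KNOWN_LABELS = {"exch_dep_A": "ExchangeA", "exch_dep_B": "ExchangeB"}


def trace_ransom(txs: List[Tx], seed_addresses: Set[str],
                 known_labels: Dict[str, str]) -> List[CashOut]:
    """Propagate taint from the ransom address forward through every spend.

    Haircut rule: each output inherits taint in proportion to the share of its
    transaction's input value that was itself tainted, so a deposit mixing
    45 tainted BTC with 100 clean BTC is reported as 45 tainted BTC.
    Transactions are assumed to be listed in confirmation order (parents
    before children), which is the order they come off the chain."""
    value_of: Dict[Outpoint, float] = {}
    taint: Dict[Outpoint, float] = {}
    hops: Dict[Outpoint, int] = {}
    events: List[CashOut] = []
    for tx in txs:
        tainted_in = sum(taint.get(op, 0.0) for op in tx.inputs)
        total_in = sum(value_of[op] for op in tx.inputs)
        tainted_hops = [hops[op] for op in tx.inputs if taint.get(op, 0.0) > 0]
        for vout, (addr, value) in enumerate(tx.outputs):
            op = (tx.txid, vout)
            value_of[op] = value
            if addr in seed_addresses:            # the ransom payment itself
                taint[op], hops[op] = value, 0
            elif tainted_in > 0:
                taint[op] = round(value * tainted_in / total_in, 8)  # satoshi precision
                hops[op] = 1 + max(tainted_hops)
            else:
                continue                          # clean output, nothing to follow
            if addr in known_labels:
                events.append(CashOut(tx.txid, addr, known_labels[addr],
                                      taint[op], hops[op]))
    return events


def cash_out_totals(events: List[CashOut]) -> Dict[str, float]:
    """Tainted BTC that reached each attributed entity: the list of exchanges
    an information request or court order would have to go to."""
    totals: Dict[str, float] = {}
    for e in events:
        totals[e.label] = round(totals.get(e.label, 0.0) + e.tainted, 8)
    return totals


if __name__ == "__main__":
    found = trace_ransom(SAMPLE_TXS, {"ransom_addr"}, KNOWN_LABELS)
    for e in found:
        print(f"{e.txid}: {e.tainted:.8f} BTC -> {e.address} ({e.label}), {e.hops} hops")
    print("totals:", cash_out_totals(found))
```

Two caveats a practitioner would attach. First, the tracer only says which exchange received the coins and how much; turning a deposit address into a person requires the exchange's customer records, which means legal process, and the address labels themselves come from clustering heuristics that can be wrong. Second, the haircut rule is exactly what mixers and CoinJoin-style transactions are built to muddy, and privacy coins such as Monero expose no public graph of this kind at all, which is why the policy chokepoint the post argues for is the fiat on- and off-ramp rather than the chain.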

@erelis #45
PC anti-ransomware software is nothing but virus scanner software repackaged.
I've repeatedly said: modern ransomware attacks involve a network intrusion first. They do not involve getting someone to click on a bad attachment or what not.
If someone capable knew who and where you were - you are not stopping them unless you REALLY know what you're doing.
For example: do you use a wifi router? If so, you have ZERO security. WiFi routers are crackable trivially with proximity. Most of them are built on open source software which is rarely updated. And most importantly: if you don't even know if/when they're being targeted, how can you possibly be secure?

Posted by: c1ue | Jul 12 2021 0:03 utc | 101

@ c1ue (#99),

What's wrong? Have you or someone you know used the Paxful service? For what amount? It doesn't look like it can be easily used for large amounts. They would need to report those large ($10,000+) transactions to the authorities. Just look at their verification system.

“Paxful has 4 verification levels, each one with different limits:
– Level 1 – Email and phone verification. Limit is $1,000.
– Level 2 – Level 1 requirements + ID verification. Limit is $10,000.
– Level 3 – Level 2 requirements + address verification. Limit is $50,000.
– Level 4 – Level 3 requirements + enhanced due diligence. No limit for this level.
Users from the US are required to complete levels 1, 2 and 3 to trade on Paxful at all, while users from the EU and Canada must complete at least levels 1 and 2, as well as 3 if they wish to withdraw any funds.”

Posted by: Max | Jul 12 2021 0:57 utc | 102

Cryptos are a collector's item just like fine art. While money has value based on the military jackboot of empire, which ensures its value only with its domination of most countries and the violent destruction of any attempt to set up a transparent real money system exchangeable for gold (Libya). A painting by a hot painter is worth 900k because there are a handful of people who will pay that for it; their interest in it keeps the value at a certain level. Same with Bitcoin, but that interest is spread out to millions of people. If they all decide it's worthless then it is, but why would they? I think a lot of these evidence-free claims of hacking and ransomware are made to devalue the currency that the ransom is paid in; it could have easily been paid in dollars via the internet, as cryptos are basically just that: a stand-in for the dollar being moved to an account that is a number. Cryptos in this way provide a window to real capitalism. This to me is natural human evolution toward anarchism and a system of exchange that is transparent and based on people working together instead of militaristic violence. You can exchange cryptos for gold, rubles and yuan, so saying that it exists only based on the dollar's supremacy is wrong.

Posted by: jsanprox | Jul 12 2021 1:59 utc | 103

What I know about computers and Bitcoin would get lost in a thimble. However, what I've learnt about the US Govt over the years tells me that this problem wouldn't be happening if the USG hadn't dedicated itself to micro-managing, and dominating the www - for Top Secret (i.e. bullshit) reasons.

I was appalled when I learnt that the USG had made strong encryption ILLEGAL, and dumbfounded when I first heard about the PRISM 'co-operative' USG-mandated www surveillance program. Edward Snowden's NSA revelations confirmed that the USG has KILLED computer security for crappy, feeble-minded reasons.

It's more or less par for the course that the USG blames other entities for its own prying and mischief-making. Were it not for the USG placing LOW limits on computer security, we would all have access to Pretty Good Privacy and pro-active, timely means of detecting and defending and/or evading malware.

Posted by: Hoarsewhisperer | Jul 12 2021 3:36 utc | 104

jsanprox @103:

Yes and no.

Yes: That's why I called cryptos the most stupid object of speculation ever invented. The second most stupid being NFTs, but if you 'buy' (buying nothing is a strange concept, hence the quotes) one of those, at least somewhere down the line an artist got paid.

No: You have a very romantic view of the art market. Maybe at some point interest in an artist started as a collector's thing, but from then on it's pure speculation; rich people buy art because they think it will increase in price. They mostly never see the piece; it's kept in climate-controlled storage. What they get is a (digital) certificate of ownership.

So they are similar. BTC could easily be replicated using Picassos. In fact fine art is also used in criminal circles, as security for large drug deals. (Saves you the trouble of shipping a container load of green.)

Posted by: Jörgen Hassler | Jul 12 2021 5:32 utc | 105

@ One Too Many | Jul 11 2021 22:48 utc | 91

You're speaking to the choir. I've been using Ubuntu on all my machines since Breezy, which was released in 2005. I tried other distros, but always came back to Ubuntu due to packages. There are ALWAYS packages available for Ubuntu.

It is time for more people to join the choir! I do agree that if you are new to Linux, to go with Ubuntu is the best advice because of its ease of use, online community and a wealth of packages available. You can use "plain" Ubuntu or one of the variants with different GUI desktops (Kubuntu, Xubuntu, Lubuntu, ...) some of them very lightweight so perfect for recovering old hardware that is no longer usable with the M$ system that came with it.

I started using Kubuntu on an old laptop in 2007, it has come a long way since then. Kubuntu 20.04 is now on my main desktop. For those that don't already know: 20.04 means the release from April, 2020. Ubuntu is released every 6 months like clockwork, in April and October. Some releases are declared "LTS" (Long Term Support), they are usually 2 years apart. Going with an LTS release is a good idea as they are extra stable.

Posted by: Norwegian | Jul 12 2021 7:36 utc | 106

Jörgen Hassler | Jul 12 2021 5:32 utc | 105

"They mostly never see the piece, it's kept in climate controlled storage."

This is standard practice. Using "Ports Franches" as in several Swiss towns including Geneva. Perfectly legal as they are not IN the country (for Tax purposes).

However, this is not really for "drug" cartels but just a way of transferring assets from one rich person to another. Many ownership deals are made inside the Port Franche itself, without the need to transport the work outside. There is a limitation on the time a work can be left inside the building, but I believe all that they have to do is drive more or less "round the block" and re-enter it. I'm a bit hazy about that detail, as I do not have a spare Rembrandt to verify this personally.


jsanprox | Jul 12 2021 1:59 utc | 103

A painting by a hot painter is worth 900k because there are a handful of people who will pay that for it; their interest in it keeps the value at a certain level.

The primary dealers agree on a common price level for a stated painter. These paintings can even be used as collateral when borrowing money.
Other painters do not have a "guaranteed" price level but one based on auction values (ie. What the customer is willing to pay.)
The Primary dealers are a very small group who control all the big art fairs and which other dealers are allowed to sell or deal there -.
There are "rules" about "participation" (not sure about the terminology here), that various dealers will have made between themselves. ie. There is a split-up of profits following certain agreed parts. Woe unto a dealer that doesn't pay his part. (OK; personal note here, I once accidentally fell foul of the "cartel" because a gallery owner with my works had not paid "out" on a large sum that he had made on another artist he was representing. They decided to "get" him.)


Ransomware; Why are people getting all hot and bothered about Corporations paying money in Bitcoin? Happens all the time.

Another personal anecdote; About five years ago I started receiving emails from unknown "people", real first names, with an attachment. As normal, these go into trash without being opened (or into a folder I have, called "dodgy spam?"). About 20+ of them. Next I received one email saying (in French) "I know your little secret, and if you don't want everyone else to know, pay (about €30) a "small" sum into the following bitcoin account xxxxx."

In France you can "porter plainte", ie, denounce and start a legal process against an "unknown person, or persons". This is to protect yourself, and is run by the Government/police. In my case, never having opened any of the "attachments", I don't know what they were, probably porn of some sort. IF they had been opened there would have been a suspicion that I was a "willing" victim. (The first question asked by the Gov. site was "Have you paid them/it, and by how much?" In my case - none.)


Haven't heard anything since. BUT, Bitcoin was already being used for criminal purposes.

Nobody had to find a super-secret backdoor into my computer. Just buy a data base with working emails - Corporations use them all the time to send publicity. By looking at the address, and other more or less freely available information, they can target people, by location, age, etc.

Posted by: Stonebird | Jul 12 2021 8:31 utc | 107

Posted by: c1ue | Jul 11 2021 23:59 utc | 100

Instead of bitcoin, their favorite pastime 50 yrs ago was hacking US phone services, so I am safe to say they know their business.

Posted by: Abe | Jul 12 2021 9:05 utc | 108

@Max #102
You clearly have no idea what you are talking about.

I have investigated and documented an outfit buying gift cards on Paxful specifically to buy iPhones to smuggle into a specific South American country.

There are no $10,000 gift cards. What is done is to have a "customer service" group - or a mule network - buy the gift cards.
For larger criminal gangs who obtain them, you can deal directly once contact is established. Nor is Paxful the only platform - there are dozens - I only use them as a public example.

Note that in the purchases of gift cards for crypto, the gift cards are discounted by as much as 30%. Easy to discount if the provenance is criminal...

Posted by: c1ue | Jul 12 2021 14:08 utc | 109

#Abe #108
50 years ago - "hacking" involved nothing more than a tone based phone dialer.
The phone companies had no security except obscurity.
There is a big difference between attacking a completely nonsecured setup vs. a credible law enforcement effort to take you down - look at Mitnick.
The reality is that a telco won't bother with a small time operator unless somebody internally needs a scalp for promotion purposes.
On the other hand, if the offender goes commercial to a significant degree or attacks the wrong network, then things change.
Also see above.
But good luck to your friends, so long as they're not doing anything destructive.

Posted by: c1ue | Jul 12 2021 14:15 utc | 110

Here's something amusing: FTC complaints about Binance

I've said before: the customer service for Binance and Coinbase is abysmal. Both companies architected it based on the Facebook model: which is to say - prevent any and all contact from customers if at all possible. They literally don't care if customers can't sign up, can't get it to work, etc - the crypto boom allowed them this luxury.

Binance is now under fire by the USG (and other G's) even as their identical (lack of) service twin is fine - but this isn't political or anything...

Posted by: c1ue | Jul 12 2021 14:21 utc | 111

Posted by: c1ue | Jul 12 2021 14:15 utc | 110

Never said they are my friends, just that I follow knowledge they have accumulated, as it is my job.

Posted by: Abe | Jul 12 2021 15:41 utc | 112

@ Posted by: jsanprox | Jul 12 2021 1:59 utc | 103

But you only know a Picasso is worth a lot because you can calculate it in USD terms (ultimately: you can also calculate in any other fiat currency, but, since we live in the USD Standard, we only know a certain amount of fiat currency is worth if we can convert it to USDs). The USD is still the unit of accountancy and the means of payment even in the art market.

You can never pay your taxes or fill the tank of your car with a Picasso - you would have to sell it for USDs, and use these USDs to pay for everything you need. Sure, two megarich persons could exchange art between them as some kind of swap, but that doesn't constitute a societal unity (because billionaires don't exist in a vacuum). It is a particularity of society, not society itself.

The same is true with crypto. And with gold. And with platinum. And with whatever else you want. It is a myth crypto is "fake" just because it is purely digital: the material specification of the thing doesn't matter for its status of money. Being digital is the lesser of crypto's problems. Crypto's main problem is the very economic foundations of its existence, which ensure it will never be money.

And no: subdividing crypto wouldn't solve it - they tried it with gold when capitalism lived through the Gold Standard (when it was on its death throes) and there's a limit to this. Even if the digital era allowed it, you would then simply have fiat money system with extra steps and double the brutality, because then the power to issue money would rest with few private individual hoarders of the crypto with no legal accountability and responsibility; it would be a dystopian "Pirates of the Caribbean" meets "Mad Max" scenario.

Posted by: vk | Jul 12 2021 15:47 utc | 113

@ c1ue (#109),

First be civil and engage constructively. Not questioning the mechanism that you’re describing of converting to gift cards and buying iPhones to sell them and get money. The elements of focus are the dollar amount (> $1 million) and a traceable trail of transactions.

The key questions to better understand are:
– What was the total dollar amount of the cash out? Less than a million or greater than a million?
– The "customer service" group - or a mule network - buy the gift cards in what total dollar amounts?
– The larger criminal gangs provide what, gift cards, iPhones or dollars? What is the maximum dollar amount of the deal? In many regions criminal gangs are subservient to the intelligence agencies. They're useful assets.
– Are you saying that there is no traceable trail, that one can't find the criminals involved in a million dollar cash out?

The key point is that the intelligence agencies or the law enforcement can find the criminals if they are committed. If they make a pass then one can easily cash out from a bank too.

Posted by: Max | Jul 12 2021 15:47 utc | 114

@Max #114
It requires 2 knowledgeable individuals, or at least individuals who understand the limitations of what they do and do not know - to conduct a useful exchange.
So far, you have yet to provide any useful information outside of a 2 second Google search.

As such, I have no compulsion to be either civil or to educate you.

I'm not going to answer your questions - I have no desire to provide yet more documentation for would-be cyber criminals nor to short-circuit your (so far non-existent) mental journey to understand the myriad ways by which crypto can/is used to launder money.

I will provide a video covering some basic aspects of crypto laundering - it is out of date but at least will show that the money laundering capabilities in crypto (and crime overall) have existed for a long time and continue to evolve: Crypto laundering video

Posted by: c1ue | Jul 12 2021 16:06 utc | 115

@ c1ue (#115),

Thanks for revealing your reality! Didn't deny the money laundering through cryptos. It happens under supervision of the authorities, as it does in the big banks too. No surprise there. You won't share the transaction amount as it debunks your opinions. The crypto laundering video is just propaganda, to direct criminals to a defined location. One can't fool all the people all the time!

Posted by: Max | Jul 12 2021 16:28 utc | 116

Stonebird @107

My point wasn't that it isn't legal, I know it is, my point was that being an art 'collector' mostly isn't about loving art, it's about loving money.

Posted by: Jörgen Hassler | Jul 12 2021 16:53 utc | 117


Drugs for art

Posted by: Jörgen Hassler | Jul 12 2021 16:58 utc | 118

@c1ue #96

Before paying any ransom via digital coins to a digital wallet, do you think the authorities aren't going to investigate the digital wallet and when, where and by whom it was created before sending the ransom? Not to mention hacking the wallet and getting the digital key to open the wallet.

How do you think the FBI was able to recover most of the Colonial Pipeline ransom? But I agree it is difficult to know who is at the other end of a computer terminal.

Posted by: 10 to 1 | Jul 12 2021 17:59 utc | 119

I agree with Norwegian and One Too Many, though I haven't gotten around to switching to Linux yet.

IMO, MS has been building stupid dangerous interrupts into the Windows O/S, presumably because it's more profitable than building saner, safer systems. I'm Old School - I want my computer to do what I tell it to do, even when I'm stupid. These days, Windows products are built to prioritize instructions from Big Momma in Seattle (MS) over my keystrokes & mouse-clicks. Of course, the techniques they created to manage this become the tricks used by malevolent hackers to steal control of computers remotely.

Yes, Cryptocurrencies ("Dunning-Kruegerrands") make it easier for profit-oriented hackers to get paid. But the underlying problem is baked into Operating Systems designed to give control to someone other than the user.

Posted by: elkern | Jul 12 2021 18:33 utc | 120

Yes, Cryptocurrencies ("Dunning-Kruegerrands") make it easier for profit-oriented hackers to get paid. But the underlying problem is baked into Operating Systems designed to give control to someone other than the user.

Posted by: elkern | Jul 12 2021 18:33 utc | 120

My theory is that the business model of computing includes several anti-security paradigms.

1. the race between inefficient/bloated software and efficient hardware, forcing the mass of customers to upgrade. Just checking news and writing a simple document requires computer power that was deemed too dangerous to sell to commies, lest it allow them to improve nuclear weapons (many orders of magnitude more...).
2. The ads on the internet. They run a lot of programs on your computers, just to slow it down, and incidentally, to slow down the display of ads themselves.
3. Automatic or semi-automatic upgrades. The very concept is to transport hackers to paradise.
4. Constant introduction of new features, with a trailing introduction of "security fixes" that, as we have learned, can be used to install worms.

Decades ago people knew how to design a secure operating system. Of course, they would restrict what you can do with a computer. Like in real life: it is more difficult to enter the bank vault than to enter the bank, and an outsider cannot do it alone, and even an average bank worker cannot open it (as I could learn from information posted in about 20 languages in a branch of a German bank, a putative robber who can read in Albanian only would be informed too, për klientët tanë të dashur shqiptarë).

Several years ago there were gangs in Europe stealing money from ATMs by recording information on ATM cards. Conversion of cards to cards with chips put an end to it. Similarly with ransomware, like the "year 2000 problem" was solved, it can be solved too. Of course, blaming the Russian government diverts from actual solutions.

Lastly, my take on crypto. It decreases the difficulty in collecting money, but eliminating it leaves the largest problem: actors who do not want profit but harm. Like hacking Venezuelan utilities, Stuxnet etc. The West can be on the receiving end too. Blackmails that extract a million dollars here or there actually may have salutary effect.

Posted by: Piotr Berman | Jul 13 2021 9:30 utc | 121

@Max #114
Yet again, you are talking crap based on theory and brief internet searches.
The reality: in a typical local law enforcement Economic Crimes Unit - the division responsible for handling internet crimes as well as cons, scams, non-internet fraud etc. - each investigator will have at least 30-40 cases running simultaneously at any given time.
I've been told the joke "We'll get back to you in 3-5 years' time" on multiple occasions and in multiple jurisdictions.
Yes, in theory you can trace the chain of transactions by downloading the 60GB of bitcoin blockchain data per day.
In reality - it does not happen unless someone pays an expert like me to do it, or there is sufficient political need.

At the US Federal level - it is worse. I've seen $4M bank scams not even get written up - and that was 5 years ago. Without either an expert or a powerful politician/constituent pushing, the cases always will devolve to what is easy first. And that is even before the prosecuting attorneys get involved.

Once again, ignorance is not an excuse nor is intellectual laziness.

Posted by: c1ue | Jul 13 2021 15:53 utc | 122

@Max #116
You really are stupid.
You really think I am Jake Tran? I am not.

Posted by: c1ue | Jul 13 2021 15:53 utc | 123

@10 to 1 #119
You confuse who pays the ransom vs. who investigates.
You also confuse the timelines.

If you are law enforcement - you cannot obtain information about a potential account, legally, unless you send a court order. The court order has to be received, processed and then data found and returned. Yes, informally data will be exchanged with "friendly" exchanges but it cannot be used in the investigation without risking prosecution failure.

The cryptocurrency exchanges - if they are the progenitors/CUSIP holders of the account - are not uniformly responsive.

This process takes weeks to months.

A ransomware kickoff to payment typically is completed over 1 weekend.

In the case of ransomware - the cyber criminals do not use exchange based accounts to receive funds anyway. That's what laundering is for.

The FBI almost certainly only recovered the attacker part of the ransom in the Colonial - not the Darkforce bit. Note they didn't get the whole ransom, only a portion.

I would not be surprised if it turns out that someone closely related to Colonial corp was involved as the "local", the person who promulgated the intrusion - either a contractor or employee or 3rd party supplier - and the FBI found them when investigating, found the wallet and clawed back because they were stupid.
Or even potentially that the "local" had his portion remitted to a "friendly" exchange account and the exchange both flagged it and clawed it back.

Certainly there is no way that the clawback could have happened either via the exchange or via the criminal giving up the wallet, or (least likely) the FBI intercepting wallet ID and keys and using those to clean out the wallet. If a bitcoin payment goes to a private wallet (i.e. non-exchange) - there is no way to claw it back no matter what. You must have the access ID (easy) and keys (not easy).

But time will tell.

Posted by: c1ue | Jul 13 2021 16:03 utc | 124

@ c1ue (#122 & #123),

One doesn’t need to resort to name calling and personal attacks. You just show who you are. “When the debate is lost, slander becomes the tool of the losers.”

The superiors define the efficiency and effectiveness of any INVESTIGATION by the investigators. Based on real-life experience, I have seen cases where a warrant was acquired, all information collected, including videos of cash-outs captured, and a detailed report filed within 4-6 weeks. In money laundering, banks know the details and yet look the other way. In most cases that linger for a long time, there is some reason behind that. Who benefits?

Many payment companies have well-defined procedures and share information efficiently. There is lots of information captured on videos, receipts, transactions, iPhone purchases, ... However, in this particular CASE of ransom demand and national significance, law enforcement must have laid a well-defined trap to track every detail from the start. Who asked them to stand down? Most detectives are effective and efficient; however, they’re controlled.

Stay focused on the subject matter and don’t resort to abusive conduct.

Posted by: Max | Jul 13 2021 16:47 utc | 125

You have yet to demonstrate one iota of real world experience or knowledge from start to the latest post.
Why again should I pay any attention whatsoever to what you say?
You say you have seen a real world example.
Was it a complex case like cryptocurrency/ransomware or was it something dumb like employee embezzlement?
LE has direct access to bank account data without a warrant. To use the data, a warrant needs to be obtained but absolute access is push button.
But then again, you don't know anything about the real world, what LE can and cannot do, etc., as continues to be abundantly demonstrated.

Posted by: c1ue | Jul 14 2021 16:37 utc | 126

@ c1ue (#126)

What is your real world experience? Committing or enabling frauds & crimes? You make an ass of yourself by attributing the example to “employee embezzlement.”

I have real experience in the payment space and have friends at many cyber security companies, led by NSA officials. They have dealt with these ransomware challenges. They develop multiple solutions in the cyber intelligence sector. How many crimes do you have real life experience with?

The core premise is that law enforcement has many tools to catch criminals who commit cyber and ransomware crimes. The only question is whether they are asked to, or look the other way.

Posted by: Max | Jul 14 2021 18:02 utc | 127

Central Bank Cryptocurrency is the EU Commission's dream after banning all cash.

Posted by: Willie | Jul 14 2021 21:46 utc | 128

Bitcoin is rubbish. Who invented it? Where does he live? How much real money does he have? You pay money to get real money for bitcoin? You trust this? Please do not be children. Grow up to adults. What about other crypto? If you trust crypto, will you send me your money please? I can also invent crypto. I will spend money on wife and family inshaalah. We will have much larger house inshaalah. We will also donate to the poor inshallah. No lies. I will say my crypto is just a symbol and you will donate money to me to help me. Is that fair? Or is that stupid?

Posted by: Gul | Jul 19 2021 17:45 utc | 129

Your banking system is evil. They print money, they lend money with usury, so they make more money from nothing, they make money from the real workers who remain poor. The usurers become rich. Please stop being stupid. Do not let usurers have your money. Real money is gold and silver.

Posted by: Gul | Jul 19 2021 17:51 utc | 130

Paper money can also be tracked. It is very easy. The government can track where every paper money goes. There is a serial number on every bill. The real money is gold and silver. There is more real money, which has some real value such as food items or other things we need to live. What is a piece of paper worth? Can you eat paper? The system seems to work now, but wait until a loaf of bread costs $20 and there is not enough water.

Posted by: Gul | Jul 19 2021 18:22 utc | 131