Revil is a solid choice for a villain’s name: Are Evil. evil. Evil and yet funny. I could imagine that Black Widow, Hulk and Spider-Man together toppled the leadership of Revil Incorporated.
The criminal gang using the Reville name may have enabled ransomware attacks on thousands of small businesses around the world this summer – but the ransomware problem is bigger than Reville, LockBit or Darkside. Revil has disappeared from the Internet, but the problem of ransomware remains the same.
Reveal is a symptom, not a cause. I recommend Tony Stark and his fellow Avengers to look into one of the criminal organizations – because there is no evil mastermind. Ransomware is the latest in a development of 50,000-year-old petty criminals searching for plans to get rich quick.
The huge jump in the number of ransomware incidents stems from the lack of centralized control. Last year more than 304 million ransomware attacks affected global businesses, costing more than $178,000 per incident. Technology has created a market where countless petty criminals can make good money fast. The best way to fight this kind of threat is with a market based approach.
The rise in global ransomware attacks reflects the massive “dumping down” of criminal activity. There are many options available to people who want to earn illegal money today as compared to two years ago. Without the technical chops, people can steal your data, hold it for ransom and force you to pay to get it back. Law enforcement has yet to respond to combating this form of cybercrime, and large, sophisticated criminal networks have yet to figure out how to control encroaching upstarts.
The spike in ransomware attacks is due to the “as a service” economy. In this case, we are talking about Ras, or Ransomware as a Service. This works because each function in the ransomware chain benefits from superior sophistication enabled by division of labor and expertise.
Somebody finds a weak target. Someone provides bulletproof infrastructure outside the jurisdiction of responsible law enforcement. Someone provides malicious code. All the players come together without knowing each other’s names. No need to meet in person as Mr Pink, Mr Blonde and Mr Orange have the ability to coordinate tasks simplified. The rapid pace of technological innovation created a decentralized market, allowing amateurs to engage in high-dollar crimes.
There is a gig economy for the underworld, just as there is for the world of legal business. I’ve built two successful software companies, even though I’m an economist. I use open source software and rent infrastructure through cloud technologies. I operated my first software company for six years before I sought outside capital, and I used that money for marketing and sales more than technology.
This technological advancement is both good and bad. The global economy performed better than expected during the global pandemic as technology enabled many people to work from anywhere.
But the illegal markets of crime also benefited. Reville provided a service — a piece of a larger network — and earned a portion of the proceeds from ransomware attacks by others — like Jeff Bezos and Amazon. provide me.
To fight ransomware attacks, appreciate the economics – the markets that enable ransomware – and changing market dynamics. Specifically, do three things:
1. Analyze the Market Like a Business Executive
Any competitive business thinks about what is allowing competitors to succeed and how they can outperform. The person behind the ransomware strike is an entrepreneur or employee of a firm engaged in cybercrime, so start with good business analytics using data and smart business questions.
Can crime-enabling crypto technologies also be used to enable entity resolution and denial of anonymity/pseudonym? Could technology undermine a criminal’s ability to recruit, coordinate or transfer, store and spend proceeds from criminal activity?
2. Define winning in terms of the market
Performing analysis to understand competing firms allows a more clear view of the market for ransomware. Eliminating one “firm” often creates a power vacuum that will be filled by another, provided the market remains the same.
Revil disappeared, but ransomware attacks continue. Conquering from the market point of view means creating markets in which criminals choose not to engage in the activity in the first place. The goal is not to catch the criminals, but to stop the crime. The victory against ransomware is when arrests are reduced as attempted attacks drop to near zero.
3. Compete the Race as an Entrepreneur in a Competitive Market
To stop ransomware is to fight against criminal entrepreneurs, so the task requires thinking like an entrepreneur and fighting crime.
Entrepreneurs fighting crime need collaboration – a worldwide network of government officials, banking professionals and technologists in the private sector must come together.
The ability to securely share data, information and knowledge while maintaining confidentiality through artificial intelligence and machine learning. The tools of crime become the tools of dealing with crime.
No evil mastermind sits in their den laughing at the anarchy that has been imposed on the economy. Instead, a growing number of hobbyists are looking for ways to make quick money. Tackling the ransomware industry requires the same coordinated focus on the market that enabled amateurs to enter cybercrime in the first place. Iron Man would certainly agree.