NatSpecs

Ransomware Goes Prime Time on HBO

By Philip Reiner on September 3, 2021

Ransomware has for the first time become a topic for dinner table conversation, frequent news headlines and prime time TV—which is at once encouraging and daunting for those  of us who have been quietly fighting these cyberattacks for years.

On the positive side, increased awareness of ransomware is spurring governments and international organizations to step up protections against threats, and to seek out coordinated solutions to further boost their defenses. Just last week, for example, President Joe Biden met with tech, education and critical infrastructure leaders to discuss new strategies, calling cybersecurity a “core national security challenge.”

And on the downside, this increased attention to ransomware is the unfortunate result of the growing number and scale of attacks, as well as the ensuing disruption across the globe. The Colonial Pipeline breach last May was arguably the most infamous hack in the United States, which resulted in long lines at gas stations whose televised images evoked memories of the 1970s oil shortages.

Ransomware’s fame and notoriety was on full display in August when HBO’s Last Week Tonight With John Oliver aired a 22-minute segment on recent attacks that was in-depth, informative and scary—and at times irreverent and hilarious. And while those of us in the national security and cybersecurity communities would rather the threat not warrant a segment on HBO, the show did demonstrate that more and more people are taking ransomware seriously.

It was also encouraging to see the segment highlight critical strategies and practices to prevent attacks, with John even drawing from the comprehensive framework of recommendations that the Institute for Security and Technology published in April this year, in partnership with a coalition of experts across industry, government, law enforcement, civil society and international organizations.

And while much of the global focus has centered on government and international responses to ransomware, it was refreshing to see John pay particular attention to what households and businesses can do to defend themselves. “Companies and private individuals have to step up too,” he noted, adding: “There are some basic things that we should all absolutely be doing.”

Those recommendations included setting up multi-factor authentication, regularly updating computer operating software, and resisting the urge to open suspicious emails. While seemingly simple, those steps could have prevented the Colonial Pipeline hack, where criminals breached a legacy network protected by single-tracker authentication. And as John noted, the threat and potential for disaster will only grow worse as we all increase our dependence on digitally connected tools and networks.

“It’s in everyone’s interest to get this under control,” he said, “because right now, it really, really isn’t.”

As we noted with all of our partners in the comprehensive framework, getting a handle on the problem isn’t impossible and requires awareness, coordination and commitment. The resulting deterrence and reduction in attacks would make ransomware relatively boring again—which is something we should all strive for.