When notorious criminal John Dillinger was asked during the Depression why he robbed banks, he famously replied: ‘Because that’s where the money is.’ That simple observation may offer an answer to the surge of ransomware.
Even as companies struggle to strengthen their protections against hackers, we can target ransomware payments in some quite straightforward ways — and, if the criminals can’t get their money, what’s the point in hacking?
As this essay in the New York Times argues, ‘The United States does not have a ransomware problem so much as it has an anonymous ransom problem. If we can change the payment system to make the kidnapping [of businesses] less profitable, we will go a long way toward a solution.’
The author, Paul Rosenzweig, a former senior official in the Department of Homeland Security, says 95% to 98% of criminals involved in kidnaping people for ransom are caught and convicted, partly because they can be identified when the transfer of money occurs.
By contrast, hackers demand ransomware in cryptocurrency, which, as of now, is extremely hard to trace.