Last week brought the news that Colonial Pipeline made a $5 million ransom payment to an organized criminal gang to recover data held hostage in a ransomware attack. Separately, Ireland’s health care system was brought down, also by a ransomware attack. It feels like the good guys are losing the fight against international cybercrime.
Action is urgently needed at the domestic and international levels to improve the cybersecurity of critical infrastructure—and to bring the criminal gangs responsible for these attacks to justice. The problem is that there are seemingly irreconcilable conflicts between the pressures felt by the individual organizations targeted by ransomware attackers and the public policy goals that could drive change in responding to them.
The Colonial Pipeline, which acts as a critical artery for delivering gasoline and airplane fuel across the U.S. Eastern Seaboard, was shut down on May 7 following a ransomware attack by a criminal hacking group named DarkSide. The shutdown resulted in gasoline prices spiking amid panic-buying. In some locations, there were even reports of shortages of oil and gasoline.