John Oliver on ransomware attacks: ‘It’s in everyone’s interest to get this under control’

On Last Week Tonight, John Oliver delved into the murky, increasingly common and destructive world of cyberattacks, particularly ransomware attacks in which hackers infiltrate a network, seize critical data, and demand a ransom to unlock it.

Ransomware attacks have in recent years grown in scope and significance of the damage – in May, a cybercriminal group known as DarkSide infiltrated the networks of Colonial Pipeline, forcing the company to shut down its 5,500 miles of pipelines and causing panic-buying runs on gas stations in the south-east. Just two months later, an attack on Florida-based IT systems company Kaseya was considered the worst ransomware attack to date because it spread through multiple customer networks and affected 800 to 2,000 businesses, from supermarkets in Sweden to schools in New Zealand.

“If you’re thinking, hold on, is it just me or did there not used to be a ransomware attack every two months? You’re actually right,” said Oliver. “Over the past few years, it’s gone from a trickle to an absolute flood.” The estimated ransoms paid quadrupled last year to $350m – “definitely an undercount”, said Oliver, “because companies often don’t publicly disclose ransomware attacks for fear of negative press or lawsuits”.

Ransomware attacks have caused chaos for city governments such as Baltimore and New Orleans, as well as school districts and hospital systems, 85% of which do not have a qualified security person on staff. “Even organizations that are scrupulous about backing up data so that it could be easily recovered can still be vulnerable, because hackers are not just encrypting data, they’re also threatening to release files or personal information publicly,” Oliver added.

Russian-speaking hackers released the personal information of 22 DC police officers this May; in 2017, hackers demanded $6m from HBO under threat of releasing unaired episodes of Game of Thrones, “which, to be honest, is a pretty weak threat”, said Oliver. “If HBO is going to be publicly humiliated, it’ll be by releasing the last season of Game of Thrones on its own terms.”

Most ominously, ransomware attacks now threaten numerous internet-connected, “smart” in-home devices, such as thermostats, TVs, ovens or even internet-enabled sex toys, such as a butt plug. Which prompted Oliver to remind his audience “assholes are like opinions – letting the internet be in charge of yours is a really bad idea”.

Oliver was legally obligated to say that the butt plug comes with a physical key for emergencies, “which I’m not sure is completely reassuring – keys do get lost, don’t they? Just picture the last time you searched for keys around your house and now raise the stakes significantly.”

The point, he continued, was that the costs of ransomware keep raising, as the barrier to entry keeps lowering. The explosion in attacks derives from three main factors. First, ransomware as a service, as in hacking programs sold a la carte, precluding technical know-how. “Ideally, no one would launch ransomware attacks,” said Oliver, “but my next preference would be that launching one should require significantly more work than simply clicking ‘add ransomware to cart.’”

Second, the rise of cryptocurrencies, which has made it easier to make money off of ransomware attacks, and more difficult for law enforcement to recover it. But “despite the fact that hackers now have the ability to make their financial transactions in secret, it is not always that hard to figure out where exactly the money is going,” said Oliver, pointing to videos of Russian hacking group “Evil Corp” obstructing traffic with donuts by a Lamborghini (license plate, in Russian: “thief”), posing with stacks of cash and stroking a pet lion cub.

“There’s actually a reason that those hackers felt so comfortable driving around with license plates that are basically an admission of guilt,” Oliver continued, as several countries, particularly Russia, operate as “safe havens” that will look the other way as long as the ransomware attacks are outside their borders.

“When you put all of this together – with cybercriminals able to buy ransomware off the shelf, get paid in a currency that’s hard to trace, and work free from state interference – is it any wonder we have such a massive problem on our hands?” Oliver wondered.

The host did note some encouraging developments: the justice department recently formed a task force to curtail the proliferation of ransomware attacks, and the infrastructure bill passed this month includes $1bn for improving local governments’ cybersecurity.

Oliver also urged individuals and private businesses to take their own preventative steps: set up two-factor authentication, keep computers up to date, and avoid clicking on suspicious emails. “I know that those measures sound small when we’re facing something so terrifying,” he said, “but in a world where most people’s doors are unlocked and wide open, just locking your door might be something of a deterrent here.

“The fact is, it is in everyone’s interest to get this under control,” Oliver concluded, “because right now, it really, really isn’t”.

Comments are closed.