The Beginning of the End for Ransomware?
We kick off a jam-packed episode of the Cyberlaw Podcast by flagging the news that ransomware revenue fell substantially in 2022. There is lots of room for error in that Chainalysis finding, Nick Weaver notes, but the size of the drop is large. Among the reasons to think it might also be real is a growing resistance to paying ransom on the part of companies and their insurers, who are especially concerned about liability for payments to sanctioned ransomware gangs. I also note a fascinating additional insight from Jon DiMaggio, who infiltrated the Lockbit ransomware gang. He says that, when Lockbit compromised and threatened to release Entrust’s internal files, the company responded with days of Distributed Denial of Service (DDoS) attacks on Lockbit’s infrastructure – and never did pay up. That would be a heartening display of courage on the part of corporate ransomware victims. It would also be a felony, at least according to the conventional wisdom that condemns hacking back. So I cannot help thinking there is more to the story. Like, maybe the Canadian Security Intelligence Service is joining the Australian Signals Directorate in releasing the hounds on ransomware gangs. I look forward to reading more about this undercovered disclosure.
Gus Hurwitz offers two explanations for the Federal Aviation Administration system outage, which grounded planes across the country. There’s the official version and the conspiracy theory (as with everything else these days).
Nick breaks down the latest cryptocurrency failure; this time it’s Genesis. Nick’s not a fan of its prepackaged bankruptcy. And Gus and I puzzle over the Federal Trade Commission’s peculiar determination to write regulations that will outlaw most non-compete clauses.
Justin Sherman, a first-timer on the podcast, covers recent research showing that alleged Russian social media election interference had no meaningful effect on the 2016 US election. That spurs an outburst
Article from Reason.com