Ransomware: The Pirate's Perspective.

• Author: Dack, Sean
• Position: Emerging Technology Horizons

* When President Thomas Jefferson went to war with the Barbary States in 1801, he redefined U.S. national security to encompass the economic security and prosperity of private U.S. citizens.

Despite the occasional resurgence of conventional pirating, the pirates of today do not sail the high seas. Rather, they sit behind keyboards, conduct cyberattacks and hold stolen information for ransom.

As defined by international law, piracy takes place outside of any state's jurisdiction, is conducted without any state's authority and is not driven by political motives. Ransomware mirrors this definition.

Recent events like the Colonial Pipeline hack that caused gas shortages along the eastern seaboard of the United States and the attack on the world's largest meat processor that threatened U.S. beef and poultry supplies prove ransomware attacks are hitting closer to home.

Much like the Barbary pirates, cybercriminals employing ransomware have found safe havens in countries that are either unwilling or unable to curtail their actions. Once again, the United States must redefine national security, demarcate where ransomware fits within the broader national defense strategy and provide the Defense Department with a clear understanding of its role.

Ransomware is an ever-evolving form of malware designed to encrypt files on a device and render any files, and the systems that rely on them, inaccessible to the owner. Malicious actors then demand a ransom in exchange for decryption. Ransomware is a criminal enterprise, conducted primarily by nonstate actors targeting governments and private businesses, but with murky connections between state actors and ransomware gangs.

Despite the threat that ransomware poses to commerce and national security, the Pentagon has not previously had a clear role to play in response due to ransomware's criminal nature. Consequendy, the FBI and Department of Justice take the lead in investigating incidents, identifying perpetrators and prosecuting them in U.S. courts.

However, the inclusion of cyber as a defense modernization priority marks a clear opportunity for the Pentagon to act and for industry--including NDIA's Emerging Technologies Institute --to make recommendations to shape its approach.

To date, court indictments, public shaming, diplomacy and sanctions have failed to deter ransomware attacks on major U.S. businesses and infrastructure, leading President Joe Biden to directly raise the issue with Russian President...