What Can Be Done To Fight Back Against Ransomware Attacks
AUDIE CORNISH, HOST:
In Texas, authorities are dealing with the aftermath of a ransomware attack last week. Twenty-two mostly rural towns had their computer systems locked down by hackers who demanded millions of dollars in ransom. Experts say attacks like these are on the rise across the U.S. They're targeting both local governments and private companies.
So what can be done? Well, Josephine Wolff has some thoughts about this. She studies cybersecurity policy at Tufts University. She recently wrote an op-ed in The New York Times entitled "They Stole Your Files, You Don't Have To Pay The Ransom."
Welcome to ALL THINGS CONSIDERED.
JOSEPHINE WOLFF: Hi. Thanks so much for having me.
CORNISH: So first, just set the stage for us. How common are these kinds of attacks on computer systems for cities and towns? And what happens once that ball gets rolling?
WOLFF: So it's very hard to put an exact number on how common they are because a lot of the time, they go unreported. But just in the past couple years, we've seen Atlanta. We've seen Baltimore. We've now seen all of these towns in Texas. We've seen a bunch of towns in Florida. So even just the ones that do get publicly revealed that we know about, it's sort of astonishing how many of them we've seen in just the past two years alone.
CORNISH: We don't know for sure, as you said, because they don't report. But is there a sense that people are paying up?
WOLFF: There is certainly a sense that people are paying up, including public agency victims. We know at least two of the towns in Florida exceeded to fairly steep ransom demands in part because we think their insurers were covering a large chunk of that cost. So definitely, it is a situation where even the government actors who we would hope would be sort of role models in this are giving in to these ransom demands in some cases.
CORNISH: Now, you talk about the No More Ransom initiative. Can you tell us more about what it is and how it would help ransomware victims - individuals - to start to get their data back?
WOLFF: So the No Ransom Project is a collaboration between a bunch of law enforcement agencies - primarily in Europe but also all over the world - and private companies that develop tools to help people reverse the effects of ransomware without having to pay ransoms. And the law enforcement agencies provide an interface for people who've been affected to go online, upload one of their encrypted files or the ransom note that's been left behind, so they can figure out which strain of ransomware they're dealing with. We do know that people are using them. We know that they're working - not all the time. They can't be used for every strand of malware. But a lot of the time, we've seen people able to recover their files this way.
CORNISH: Are these tools that can be applied on a larger scale, right? I mean, we've been talking about cities and towns dealing with these kinds of attacks.
WOLFF: Absolutely. And I think one of the things that has been very frustrating for some of the companies that developed these tools is that none of the U.S. law enforcement agencies have partnered with No More Ransom or been willing to advertise or publicize any of these tools on their website. So some of the towns and cities in the U.S. may not even know about them, even though we know they've been infected by strands of ransomware that sometimes can be susceptible to these tools.
CORNISH: You know, when someone is attacked in this way, a panic sets in, right? You're effectively told, look, we're holding all of your data hostage, and if you are a city or a hospital, you just want to get it back. You don't have a lot of time to Google no more ransomware. I mean, how should people be thinking about this in those moments?
WOLFF: So I think that's a really good point, especially because a lot of these ransom demands have ticking clocks on them. They say, you know, in 24 hours, if we don't receive your payment, we're going to delete all of your files or the ransom is going to increase. And so people are often very frenzied in that moment. And that's one of the reasons, I think, it's so important to have a proactive awareness-raising campaign around this.
CORNISH: Josephine Wolff is assistant professor of cybersecurity policy at the Tufts Fletcher School of Law and Diplomacy.
Thank you for explaining this to us.
WOLFF: Thanks so much for having me.
NPR transcripts are created on a rush deadline by Verb8tm, Inc., an NPR contractor, and produced using a proprietary transcription process developed with NPR. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.