[Cryptography] In the latest unexpected ransomware twist ...

Phillip Hallam-Baker phill at hallambaker.com
Thu Jun 10 17:36:22 EDT 2021


On Wed, Jun 9, 2021 at 11:33 PM John Ioannidis <jayeye at gmail.com> wrote:

> On Mon, Jun 7, 2021 at 9:29 PM John Levine <johnl at iecc.com> wrote:
>
>> The U.S. Justice Department says it has recovered most of the bitcoin
>> ransom that Colonial Pipeline paid in the ransomware attack last month.
>>
>
> What really pisses me off is that Colonial is considered the victim here,
> when they are really guilty of criminal negligence.
> Entirely predictable, but still infuriating.
>

I am always reluctant to point the finger of blame outside the IT world.

Email is not fit for purpose when a single mouse click can install malware
that causes the company to collapse. We could easily fix that if we had the
will to do so. What does it take to create that political will? Well it
might be as simple as President Biden making a public statement to the
effect that this is a problem and asking Microsoft, Google etc if this
vulnerability really is inescapable.

Sure, there are many things that could have been done but I am not seeing
the IT world stepping up to do them. Here is my four point plan:

How to Fight Ransomware. Abstract | by Phill Hallam-Baker | Jun, 2021 |
Medium <https://hallam.medium.com/how-to-fight-ransomware-e4ad8a1931c9>


Yes, folk who are getting rich off BTC (or imagine they are) will
immediately look at the last point and give the same sort of response that
the apologists for slavery did back in the day. I promise you that the
economic interests supporting slavery, tobacco, coal, etc. were all vastly
stronger than any support people might imagine there is for BTC.

I distinguish government regulation of end-to-end encryption from
regulation of 'crypto-currencies' by pointing out that the first is words
and the second is a deed. There are two centuries of liberal thought that
makes government regulation of communication subject to the very highest
levels of scrutiny. But I really, really do not care about how unpopular
telling the truth as I see it is among the coinsplaining community.

Like Paul, I doubt Colonial is the last straw that breaks BTC but I also
expect that Colonial will be merely the first of many and not just in the
US. China has even less ability to defend its critical infrastructure
because they copy off the US rather than building indigenous security
expertise. So the only answer Xi is going to have is going to be of the
'round up some BTC miners and have them shot' variety.