The one-sentence summary

There is a dark economy based on hacking and ransomware that is often ignored and underreported at our peril.

WHAT THE BOOK SAYS

  • Cybercrime is everywhere. It is a multi-billion-pound industry run by wily hackers and fraudsters. They bankrupt businesses, stall governments and steal sensitive data in return for ransoms, which they may or may not honour through the delivery of remedies such as decryption keys.
  • Ransomware is now recognised as a serious threat to global security and the economy, yet it remains a slippery and little understood phenomenon.
  • The author is a leading expert in illicit trading and turns the spotlight on the criminal underworld where organised groups trade stolen information and cryptocurrencies.
  • In a 2024 survey, more than half the enterprises in the Americas, Europe and Asia Pacific with turnover over $10 million experienced a ransomware attack in the previous 12 months. 63% of them faced ransom demands exceeding a million dollars, and the average payment was $2 million. Gangs have taken around $1 billion of revenues since 2020.
  • Paying a ransom does not, however, guarantee safety or fast recovery. Attackers could well have left themselves a back door into the system for future attack. One is essentially relying on a code of honour among thieves.
  • The book looks at four interlinked questions:
  1. How did ransomware develop from a curiosity to a minor nuisance to a major national security threat?
  2. What are the implications of normalising ransom negotiations and payments?
  3. What can be done to deter ransomware gangs from their callous business?
  4. How can we make computer users less vulnerable to security breaches and cyberextortion?
  • It covers a complete history, from 1989 to 2012 with its various precursors, to 2013 when proper ransomware was unleashed on the private sector. From 2020 onwards, governments finally became more involved in what is now an epidemic of ransomware, with some promising beginnings of a concerted fightback now emerging.
  • Three factors kept a lid on virtual extortion schemes until 2013: traceability of communications, code-breaking and the interception of ransom payments. The Dark Web changed this, using protocols originally designed to protect the anonymity of communication between spies and dissidents in hostile states and the US Intelligence Community.

WHAT’S GOOD ABOUT IT

  • It all began around 1963 when hackers used their skills to make free phone calls. By the mid-eighties, an analogy was being drawn between computing and AIDS research to explain the manner in which digital data flows and the trust issues that come with it. By the 90s, the term cryptovirology was being used to describe how viruses could be used to extort money.
  • Many of the early scientists who worked on the technology were in a small social bubble of networks who were obsessed with frictionless communication – oblivious to or unconcerned about the idea that such networks would one day be abused. Any form of password protection was lazy at best and it took a long time for the integrity of computer systems to be taken seriously.
  • Many systems could be hacked through a form of social engineering – befriending an employee who unwittingly gave away access details. All computer systems offer an entry point for curious or malicious outsiders and the cards are stacked against preventing them getting access. In this respect, cybercrime often has an offline dimension. It is the shadowy twin of the tech elite, with the hacking community split down the middle. IT professionals and illicit hackers are cut from the same cloth.
  • Bitcoin became the currency of choice in this world and came of age when Bitcoin ATMs started appearing in US cities in 2013.
  • Perhaps surprisingly to the layperson, many gangs follow modern business models to run their operations. Software-as-a-service is particularly popular, and the criminals frequently interact in a very helpful way to make sure their victims are guided through the processes needed to decrypt their data and pay the ransom.
  • Insurers and governments have been at loggerheads over who should bear the cost of ransomware. Some have argued that a ransom attack is tantamount to an act of war and should therefore be treated as such in insurance terms.
  • A form of ransomware dashboard needs four sections: penalties, openness, resilience and ransom payments. Probabilities can then be adjusted to decide on and enact the most appropriate response.

WHAT YOU HAVE TO WATCH

  • Not much. This is a highly informative review of the murky world of cybercrime and will be of great interest to those of us who know little about it.