Ransomware gangs now face a new, huge adversary

December 6, 2021, 6:42 PM UTC

The U.S. military is publicly going on the offensive against ransomware hackers who target American companies—a development that should have Washington and corporate leaders on alert. 

U.S. Cyber Command’s Gen. Paul M. Nakasone confirmed to The New York Times this past weekend that the military and spy agencies are no longer sitting on the sidelines as domestic companies are increasingly targeted by ransomware attackers, who take control of computer networks and threaten to relinquish access only after they’re paid.

Nakasone declined to elaborate on any recent Cyber Command missions against cyberhackers, but the military’s change in position coincided with ransomware attacks against the networks of gasoline supplier Colonial Pipeline and meat processing giant JBS. Nakasone said the criminals behind those hacks—most of whom are believed to be based overseas, particularly in Russia—have been “impacting our critical infrastructure.”

“Take a look at the broad perspective of adversaries that we’ve gone after over a period of five-plus years: It’s been nation-states, it’s been proxies, it’s been criminals, it’s been a whole wide variety of folks that each require a different strategy,” Nakasone told the Times.

The success of ransomware attacks against domestic companies puts the U.S. military in a tricky position—one that needs far more discussion by lawmakers in the years to come.

To date, responding to corporate ransomware hacks has largely been the responsibility of law enforcement working in coordination with the business victim. That process, however, often takes years to complete, if policing agencies can even identify who’s culpable.

U.S. Cyber Command, by contrast, can move much faster to halt ongoing hacks, prevent future attacks, and punish those deemed responsible. But it raises essential questions about the rules of engagement.

What kind of attacks against companies or services warrant a military cyber response? How does the military define a proportional response to ransomware hacks? Can the military take proactive counter-ransomware actions, or merely respond to known attacks? What kind of access to corporate networks is Cyber Command entitled to?

Earlier this year, in a column on news site Lawfare, two top academics in the cyberwarfare field, Erica Borghard and Lauren Zabierek, highlighted the innumerable questions that arise from this new front. They warned that the U.S. risks a sense of mission creep if policymakers and corporate leaders neglect to draw clearer parameters.

“Failure to consider critical issues—such as how to integrate military efforts with other government actions, how to organize cyber forces to conduct counter-ransomware missions, and the trade-offs and challenges associated with employing military authorities and resources to tackle ransomware—risks repeating similar blunders made in response to previous policy challenges, like terrorism,” Borghard and Zabierek wrote.

Judging by Nakasone’s comments, the U.S. military appears ready for a larger assault on ransomware attackers. The civilian political and business class needs to prepare itself, too.


Jacob Carpenter


Hackers go to the Bitmart. Executives for the cryptocurrency trading platform Bitmart confirmed Saturday that hackers stole about $150 million worth of assets from it, the latest crypto upheaval causing uncertainty in the market, CNBC reported. Bitmart officials, who pledged to reimburse victims of the hack, cited a “large-scale security breach” of two hot wallets, a term for Internet-accessible crypto storage locations. Peckshield, a leading cybersecurity firm that first highlighted the breach, pegged the loss at nearly $200 million based on its analysis of the hack. The theft comes four months after a hacker stole—and, strangely enough, returned—about $600 million from the Poly Network platform. The price of Bitcoin also plunged 20% at one point over the weekend, a reflection of higher volatility in the crypto market. 

A rough start to the week for EVs. Electric vehicle manufacturers Tesla and Lucid both saw their stocks fall early Monday, even as the overall market surged, following the disclosure of separate U.S. Securities and Exchange Commission investigations into the two companies. Reuters reported that Tesla received notice that regulators are probing a whistleblower complaint alleging that the company failed to properly disclose fire risks tied to defective solar panel systems. Lucid disclosed in corporate filings that the company received a subpoena as part of an investigation that “appears to concern” its special purpose acquisition company, or SPAC, deal with Churchill Capital Corp. IV to go public, CNBC reported. Tesla’s stock was down 1% in early afternoon trading, while Lucid’s stock dipped 6%.

Trump’s social media launch will be huuuuge. The venture underpinning former president Donald Trump’s planned social media company expects to raise more than $1.25 billion in investments following a merger with so-called blank check firm Digital World Acquisition, Reuters reported Saturday. The financial backing will help Trump launch TRUTH Social, his response to Big Tech social media platforms that banned him for perpetuating false claims of widespread election fraud that precipitated the Jan. 6 attack on the U.S. Capitol by his most fervent supporters. Trump Media & Technology Group and Digital World Acquisition said about $1 billion had been raised from “a diverse group of institutional investors,” whom they declined to name. However, Digital World Acquisition disclosed Monday that the SEC and Financial Industry Regulatory Authority are in the early stages of investigations into the potential merger.

A less-than-buzzworthy debut. Buzzfeed saw its shares spike and subsequently tumble in a rocky first day on the Nasdaq, an illustration of investor uncertainty around the largest digital media company to go public in several years, Bloomberg reported. After jumping about 50% in early morning trading, Buzzfeed's shares tumbled 14% from their opening price by late morning, but rebounded somewhat to a 5% decline by early afternoon. Buzzfeed faced investor skepticism headed into Monday after raising just $16 million through its SPAC merger, a small fraction of its $288 million target.


Under the hood of TikTok. How has TikTok become one of the largest and most addictive social media hubs? A highly successful algorithm designed to keep you on the app, naturally. The New York Times’ Ben Smith got a copy of a company document that outlines, in broad strokes, TikTok’s formula for adding users and keeping their eyeballs on the screen. While outside observers caution that the algorithm alone doesn’t explain TikTok’s triumph—also credit its ubiquity and focus on video—the document puts the tactics of social media companies into stark, relatively easy-to-digest terms.

From the article:

The new document was shared with The New York Times by a person who was authorized to read it, but not to share it, and who provided it on the condition of anonymity. The person was disturbed by the app’s push toward “sad” content that could induce self-harm.

The document explains frankly that in the pursuit of the company’s “ultimate goal” of adding daily active users, it has chosen to optimize for two closely related metrics in the stream of videos it serves: “retention”—that is, whether a user comes back—and “time spent.” 

The app wants to keep you there as long as possible. The experience is sometimes described as an addiction, though it also recalls a frequent criticism of pop culture.




Oh, for simpler times. Add this to the list of questions that today’s parents must unfortunately ponder: Would you want to know if your pre-teen kid sent or received texts with nude photos? Apple considered this quandary ahead of its iPhone iOS 15.2 release, debating whether to add a feature that would notify parents if their age 12-or-under child accessed such content, The Wall Street Journal reported. The company ultimately decided that pre-teens will get two warnings from Apple before sharing or opening potentially nude photos, as determined by the company’s software, but moms and dads won’t know. Apple officials and privacy experts worried about the unintended consequences of parental notifications, such as revealing an LGBTQ+ child’s sexuality.

This is the web version of Data Sheet, a daily newsletter on the business of tech.