The Political Threat of Ransomware Attacks

Ransomware as a political weapon is on the rise, said Alex Klimburg, Head of the Centre for Cybersecurity, World Economic Forum, in a recent podcast on Radio Davos

Klimburg, who also uses the term “ransom war” to refer to political ransomware attacks, notes that such attacks have been part of the global landscape for a while now. “Ransom war attacks were first tested in Ukraine, and a lot of the activity that we see right now internationally is sometimes considered to be ransomware and is really done by actual cyber criminals who are really only interested in money. But sometimes it might be politically minded actors that are more trying to cause disruption.” 

Blurred Lines

Jim Guinn, Senior Managing Director, Security, Strategy and Consulting Lead at Accenture, agrees that cybersecurity attacks can stem from various sources. “I think you are going to have the very less than sophisticated gangs that try to make a quick buck by leveraging harvesting credentials and get in, and you're going to have very sophisticated nation-state actors who want to cause disruption in the globe.” 

The cyber weapon of choice these days is ransomware. — Alex Klimburg

An emphasis on fundamentals, such as multi-factor authentication across the board, can help prevent less sophisticated attacks, says Guinn, but attacks originating at the nation-state level are nearly impossible to stop. “If any nation-state, as well-funded as they are, that has really strong cyber capabilities, if they wanted to do harm through a nation-state actor or an affiliate, you cannot stop them. It is simply a matter of time.”

“The cyber weapon of choice these days is ransomware,” Klimburg says, “and very often it is political and therefore really ransom war. Although the lines are intentionally blurred between political actors and cyber criminals.”

Listen to the complete podcast or read the transcript of this in-depth discussion at the World Economic Forum.