HomeOpinionOpinion: This should be...

Opinion: This should be America’s next step to stay ahead of ruthless cybercriminals

Ransomware attacks are a lucrative business for cybercriminals who target victims from safe havens. Bill Hinton/Moment RF/Getty Images/File

The threat cybercrime poses to nations, businesses and individuals has reached a critical juncture — and it’s time to recognize that cybercriminals are operating freely in countries that provide them shelter, causing economic harm and undermining global security.

The United States International Cyberspace and Digital Policy Strategy, published by the State Department in May, introduces the concept of “digital solidarity” to collaboratively battle malicious cyber activity. However, this strategy overlooks a critical tool for combating cybercrime: the designation of state sponsors of cybercrime.

To close this gap and get ahead of increasing cyber threats, the United States must take the lead in identifying and designating nations that harbor cybercriminal organizations.

The exponential rise of cybercrime demands an escalated international response. Ransomware attacks alone reaped record payouts in 2023 and are projected to cost the world more than $40 billion in 2024. Nation-states, major corporations, critical infrastructure providers, schoolshospitals and ordinary citizens have all fallen victim. The ubiquity of cybercrime has normalized what was once a niche threat reserved for high-value targets.

This normalization stems from the proliferation of cybercrime safe havens — nations that allow cybercriminal syndicates to operate within their borders without fear of extradition or prosecution. By “looking the other way,” these countries provide cybercriminals the stability and infrastructure to plan complex attacks and safely store illicit proceeds. Likely emboldened by state protection, hackers based in safe havens can escalate their attacks with deepening sophistication.

Russia epitomizes this model of state cyber sanctuary. Despite issuing public condemnations of cybercrime, the Kremlin is quietly supporting hacking groups as long as those groups don’t target Russian interests and are willing to do Moscow’s bidding when called upon. Symbiotic relationships have developed, with hackers sharing stolen data with Russian intelligence and the state providing legal safe harbor and access to money laundering services.

The scale of this problem is significant. According to a recently released TRM Labs report, Russian-speaking ransomware groups accounted for at least 69% of all cryptocurrency proceeds from ransomware in 2023, exceeding $500 million.

North Korea has embraced cybercrime on an institutional scale to circumvent international sanctions and fund its nuclear program. Unlike traditional scenarios where organized crime attempts to infiltrate the state, North Korea represents a reversal of this dynamic: The state itself has penetrated and co-opted organized cybercrime.

North Korean hacking units act as pillars of a massive state-sponsored criminal enterprise. These groups have conducted sophisticated ransomware attacks explicitly at the direction of North Korea’s Reconnaissance General Bureau, as noted in a recent US indictment against a North Korean hacker sought by the FBI. Notably, North Korean hackers often operate from other countries, including China, to obscure their origins and exploit lax cybersecurity environments. Pyongyang’s nuclear ambitions are supported by the very cybercrime it claims to prohibit, with the state acting as the orchestrator of these illicit activities.

By allowing cybercrime safe havens to proliferate unchecked, the international community has acquiesced to a perpetual escalation of costly and destabilizing cyber attacks. This issue extends beyond well-known actors such as Russia and North Korea to include a number of countries across various regions that turn a blind eye to cybercriminal activities within their borders. Impunity has become an incentive for hackers to migrate to safe-haven countries.

This self-reinforcing cycle jeopardizes not just the digital security and economic prosperity of the US and other nations that play by the rules but also the long-term viability of an open internet. Addressing these challenges requires a comprehensive approach drawing on all instruments of statecraft, including economic sanctions, diplomatic measures, intelligence capabilities, law enforcement cooperation, disruption of cybercriminals’ activities and strategic communications.

Designating states as sponsors of cybercrime, much like the State Department designates state sponsors of terrorism, would initiate a long-overdue course correction. This strategy is in line with legislation being put forward by Senate Intelligence Committee Chairman Mark Warner of Virginia, who aims to classify ransomware as a threat akin to terrorism.

While Warner’s provision in the Intelligence Authorization Act for Fiscal Year 2025 focuses specifically on ransomware, our suggestion to designate state sponsors of cybercrime would encompass a broader range of malicious cyber activities. Explicit criteria such as active non-cooperation with cybercrime investigations, profiting from cybercriminal safe harbors or aiding hackers with training, resources and infrastructure should trigger designation. Just as with designations for state sponsors of terrorism, this would allow the US to leverage coordinated sanctions, diplomatic penalties, foreign aid restrictions and other accountability measures.

By allowing cybercrime safe havens to proliferate unchecked, the international community has acquiesced to a perpetual escalation of costly and destabilizing cyber attacks.”

Frank Cilluffo and Joshua Whitman

This approach builds upon established precedents in combating global threats. For decades, Congress has mandated that the State Department produce annual reports detailing patterns of global terrorism and naming top terrorist groups. A similar framework for cybercrime could prove equally effective.

Annual reports on state-sponsored cybercrime could identify major cybercriminal syndicates and document their most significant attacks while designating nations that provide safe haven as state sponsors of cybercrime. Additionally, large cybercrime syndicates could be designated as Transnational Criminal Organizations, a classification that would unleash additional law enforcement and Treasury Department tools to combat these groups; for example, last month Treasury’s Office of Foreign Assets Control designated two Russian hackers whose group, Cyber Army of Russia Reborn, claimed attacks on US critical infrastructure targets including water facilities in Texas.

This designation would provide a consistent basis for expanded actions against cyber threats, leveraging the full range of US government capabilities to tackle this growing menace.

Some may argue that such designations could dangerously escalate tensions between cyber superpowers that already engage in antagonistic hacking operations. Others may claim that proving explicit state sponsorship is an unnecessarily high legal bar. However, these risks pale in comparison to the existential threat that cyber safe havens pose to the rules-based international order.

Admittedly, effective cyber designations require rigorous evidence-gathering and multilateral cooperation. But the US intelligence community has persistently tracked the Kremlin’s cyber reserve forces and Pyongyang’s institutionalized hacking kleptocracy, along with other countries with active state-sponsored cyber warfare such as China and Iran.

The United States has both the justification and capabilities to productively initiate an international cyber designation regime now, particularly as a constant barrage of cyber attacks collectively poses a significant threat to our security. Just as previous counterterrorism and anti-crime designations have isolated rogue states, multilateral cyber designations could compel Russia, North Korea and those aspiring to offer hackers safe haven to rethink the efficacy of their current criminal-harboring models.

Holding nations accountable for sponsoring cybercrime is a critical first step on the long path toward establishing a collective cyber deterrence rooted in the rule of law. Continuing to allow shadowy hacking havens to exist in the gray spaces of geopolitics all but ensures an ever-escalating future of cyber insecurity and instability. Designations may not halt cybercrime overnight, but they initiate a long-overdue process of creating international accountability.

Strategic inaction is no longer an option for the integrity of the internet, economic prosperity and collective security of all nations committed to a more democratic and prosperous world.

- A word from our sponsors -

spot_img

Most Popular

LEAVE A REPLY

Please enter your comment!
Please enter your name here

More from Author

China’s economy is in bad shape. Can its ‘whatever-it-takes’ stimulus effort turn things around?

After four miserable years, a soaring stock market has brought relief...

California governor vetoes contentious AI safety bill

California Governor Gavin Newsom on Sunday vetoed a hotly contested artificial intelligence safety bill,...

- A word from our sponsors -

spot_img

Read Now

WNBA Playoffs: Las Vegas Aces stave off elimination and keep three-peat hopes alive with win against New York Liberty

As the WNBA season hurtles towards its conclusion and four teams compete for a spot in the finals, the Las Vegas Aces staved off elimination with a win against the New York Liberty, while Napheesa Collier made franchise history for the Minnesota Lynx as they took a 2-1 series lead over...

China’s economy is in bad shape. Can its ‘whatever-it-takes’ stimulus effort turn things around?

After four miserable years, a soaring stock market has brought relief for Francis Lun, who runs a small 10-person brokerage in Hong Kong. Since the beginning of 2020, he’s seen the city’s lifeblood, its Hang Seng Index, experience an unprecedented consecutive decline due to economic woes and pandemic...

European soccer round-up: Manchester United sinks to another humiliating defeat, Madrid derby marred by fan trouble

If Manchester United fans thought that this season would be a chance to start fresh, any early-season optimism seems to have been misplaced. United fell to a third league defeat in six games on Sunday, losing 3-0 at home against Tottenham amid captain Bruno Fernandes’ red card. There were dramatic results...

California governor vetoes contentious AI safety bill

California Governor Gavin Newsom on Sunday vetoed a hotly contested artificial intelligence safety bill, after the tech industry raised objections, saying it could drive AI companies from the state and hinder innovation. Newsom said he had asked leading experts on Generative AI to help California “develop workable guardrails” that focus “on developing...

Sean ‘Diddy’ Combs wants to testify at his trial, lawyer says: ‘I don’t know that I can keep him off the stand’

Sean “Diddy” Combs wants to testify at his criminal trial for charges of sex trafficking and racketeering, according to his attorney. “I don’t know that I can keep him off the stand. He is very eager to tell his story,” the embattled rap mogul’s attorney Marc Agnifilo said...

WNBA playoffs: Caitlin Clark and Indiana Fever swept in first round, Diana Taurasi plays potentially last ever game

The final four of the 2024 WNBA playoffs are set. The first round of the postseason concluded on Wednesday, with the Connecticut Sun and Minnesota Lynx booking their spots in the semifinals. Here’s everything you need to know about which squads are moving on, and which groups are heading home. Sun sweep...

US to return a trove of nearly 300 history-spanning antiquities to India

The US is returning 297 history-spanning antiquities stolen or smuggled from India, many dating back centuries. Marking the handover, President Joe Biden and Indian Prime Minister Narendra Modi posed for a photo in front of several of the artifacts, during a recent meeting between the two leaders. In July,...

Melania Trump was paid for a rare appearance at a political event. It’s not clear who cut the unusual six-figure check

Melania Trump has barely been seen on the campaign trail this year. One of the few times she has appeared at a political event, she’s received a six-figure paycheck – a highly unusual move for the spouse of a candidate. The former first lady spoke at two political...

TOLUNA

Welcome to Toluna, the fastest, most fun, easiest way to ask and answer questions through threads and polls. It's a fun global community that lets you express your opinions online and lets you change the future of products!You can ask anything you want to other members and...

Beauty queen at center of South Africa xenophobia spat crowned Miss Universe Nigeria

 Chidimma Adetshina, a beauty pageant contestant who faced a wave of hostility in South Africa after questions arose about her nationality, has been crowned Miss Universe Nigeria. Adetshina, age 23, triumphed at the pageant held in Lagos on Saturday night. She will represent Nigeria in the Miss Universe competition in Mexico in November. Last...

Prime Opinions – Survey Rewards

Prime Opinions is the most reputable platform out there that pays users for completing surveys.Sign up for free to take easy surveys, share your shopping habits, and even discuss your favorite sports teams.After completing each survey, you will be rewarded with accumulated points that can be redeemed...

The boredom scroll on socials may be making your problem worse, study says

Puppies, dancing babies, celebrity soundbites: A common go-to salve for a bout of boredom is to swipe through videos on your social media platform of choice. But that habit is likely making your problem even worse, according to new research. “Our research shows that while people fast-forward or...