The Good, the Bad and the Ugly in Cybersecurity – Week 26

The Good

We always applaud international cooperation on fighting cybercrime. This week, the EU and the US announced a joint operation to fight ransomware. Secretary of Homeland Security Alejandro Mayorkas said that a new ransomware working group would address “the scourge of ransomware that has hurt the U.S” and many other countries.

The new trans-Atlantic cyber cooperation will work across several fronts. Known and would-be cyber criminals can look forward to increased law enforcement action, no matter where in the world they are hiding. The working group will seek to put increased pressure on states that harbor known criminals or turn a blind eye to cyber crime activity, either through extradition or local prosecution. At the same time, the group plans to raise public awareness on how to protect networks from ransomware and to discourage payments by highlighting the increased risk that rewarding criminals brings.

Meanwhile, the EU is also developing resources to boost regional collaboration across the bloc with the launch of a multi-national, rapid-response Joint Cyber Unit. The EU-wide task force will aim to launch operations against ongoing attacks by pooling the cyber security resources of its member states. Based in Brussels, Belgium, at the EU’s cybersecurity agency, the Joint Cyber Unit is expected to be fully operational in early 2023.

The Bad

This week’s good news didn’t come soon enough for the Belgian city of Liege, unfortunately. The country’s third largest city has been hit by Ryuk ransomware, according to local radio and TV stations.

The attack has disrupted the municipality’s IT network and online services, including public services and police. At the time of writing, services such as town hall appointments, birth registrations, weddings and burial services are either canceled or postponed as municipality employees struggle to access the relevant IT systems.

A statement on the municipality website said that the city was suffering from “a large-scale targeted computer attack, obviously of a criminal nature”. Analysis on the scale of the attack and its consequences is ongoing. The statement went on to say that the City authorities were “doing everything to restore the situation as soon as possible”.

If recent incidents are anything to go by, the outage could last several weeks. The recent ransomware attack on fellow EU-member Ireland’s healthcare systems occurred six weeks ago and left the country’s publicly funded healthcare system severely disrupted. At this time, the Irish Health Services Executive (HSE) has decrypted 75% of the affected servers, but it is likely to take months to effect a full recovery. This Wednesday, HSE said that the cost of recovery so far amounted to $120 million, but the total damage could rise to as high as $600 million.

The Ugly

Police in the coastal resort of Benidorm, Spain, arrested a British man this week after a tip off from Australian police led them to discover he was in possession of 1,000 videos of naked children, which the alleged perpetrator had obtained by hacking into home security cameras around the world. The accused, working as a babysitter and private tutor, was also engaged in sexually harassing youngsters online and acting as a facilitator for the exchange of child porn on the darkweb. Reports said the police had found evidence of Bitcoin transfers to Romania to people involved in child pornography.

In Florida, another tip led to the arrest of Donnie Pearce. Google tipped off local law authorities after Pearce allegedly uploaded 38 images of child sexual abuse to the web. Google sent Pearce’s details to the National Center for Missing and Exploited Children, and St. Johns County Sheriff’s Office (FL) seized 15 electronic devices belonging to the accused. Pearce has been charged with 13 counts of possessing obscene materials.

We usually include cases of cyber offenders being apprehended under the “Good” category, but sadly, these cases are just the tip of the iceberg in the cyber child porn pandemic. Just this week, law enforcement authorities arrested men in Cape Coral (FL), Blasdell (NY), Hendersonville (Tenn), Joliet (IL), Fulton (Missouri), Upper Allen (Pa), Mechanicsburg (PA), Layton (Utah), Barstow (CA), and Hatboro (Pa) for child pornography-related offenses.

It seems that the combination of the relative anonymity of the darknet, cryptocurrencies, social networks, messaging applications and smartphones makes the production, storage and distribution of such obscene materials too easy, extending the number of people participating in child-related crimes.