This article is written by Shams Rizwi and pursuing a Diploma in Technology Law, Fintech Regulations, and Technology Contracts.
This article has been published by Sneha Mahawar.
Table of Contents
Introduction
On May 7th 2021 Colonial Pipeline, which is a major American oil pipeline was hacked by a Russian Hacker group that demanded ransom in form of cryptocurrencies. The Pipeline soon shut down which also created a temporary energy crisis in America. The same event was repeated on 31st May 2021 when JBS, the world‘s largest meat processing company was hacked and had to pay the ransom of $11 million US dollars to the hacking group and had to halt its operations in the United States. In both these instances, huge multinational corporations and billions of dollars worth of assets were systematically targeted which were strategic to a nation‘s growth and development. There is another similarity in both of these cyber-attacks, both attacks were conducted through ransomware, through which these cybercriminals made millions of dollars. Ransomware attacks are now increasing from day to day as most of these sophisticated attacks are done by hackers to earn money and are profitable for them. It also poses a threat to the physical and digital infrastructure of nations as most of them are targeted and sophisticated attacks and as the ransom usually is collected in crypto, it provides anonymity to the hacker from law enforcement agencies and makes it difficult to trace them. This creates a serious threat to most nations and their economic and strategic interests. In this article, I will discuss the rise of Ransomware threats in cyberspace and what Ransomware is, analysis of Ransomware in the context of Brazilian laws, and how international governments are creating new legislation to counter the rise of Ransomware in cyberspace, and conclusion.
What is ransomware and how does it work
Ransomware is malware that encrypts a victim’s data hostage for a price. The critical data of such a corporation or group is encrypted, making it nearly impossible for them to access files, database systems, or applications. A ransom is then demanded in order to get access. Ransomware is commonly designed to spread across a network and target database and file servers, crippling an entire organization in a short amount of time. It is a rising threat, generating billions of dollars in payments to cybercriminals while causing extensive damage and expenses for governments and businesses.
In most Ransomware, asymmetric encryption is used. This is a form of cryptographic algorithm that encrypts and decrypts a file using a pair of keys. The hacker generates a unique public-private pair of keys for the victim, with the private key used to decrypt files stored on the attacker’s server. The hacker only makes the perpetrator’s private key available after the fee is paid, though as seen in recent cyber campaigns, that isn’t always the case. It is virtually impossible to decrypt the files being taken hostage without access to the private key.
There are various kinds of ransomware. Ransomware (and other malware) is frequently distributed via email spam campaigns or targeted attacks. After establishing its presence, the malware remains on the system until its task is completed.
Ransomware drops and executes a malicious binary on the compromised device after a successful exploit. This binary then searches for and encrypts critical data like Microsoft Word documents, images, databases, and so on. The ransomware may also reap the benefits of system and network weaknesses to spread to other systems and, possibly, across organizations.
Once systems are compromised, ransomware demands a ransom be required to pay within 24 to 48 hours in order to decrypt them, or the files will be lost forever. If a data backup is not accessible, or if backups have been encrypted, the victim must pay the ransom to retrieve personal files.
Rise of ransomware threat in cyberspace
After reading and understanding about Ransomware in the above chapters, one can easily understand how serious a threat Ransomware poses to cyber security. The above incidents of Ransomware attacks which were mentioned in the above chapters are not the only ones. There are many Ransomware attacks that do not come under the limelight and remain unnoticed by the media. One of the key features, why Ransomware has become a favourite form of cybercrime, is that it maintains the anonymity of the cybercriminal as most ransomware is paid in cryptocurrency which is virtually impossible to trace. It is also a profitable venture for cybercriminals as they get hefty amounts from host organizations and companies in the form of ransom.
Interestingly, there is also a geopolitical angle that is in play here. Just like the nuclear arms race, governments are heavily investing in cyber warfare as well. As most governments are in consensuses that cyber attacks are a potential threat to their respective national security many international governments including the American government. I believe that one of those threats is the rise of ransomware in cyberspace. In a report of the US Department of Homeland Security on Cybersecurity Strategy dated May 15th 2018, the federal government has outlined the increasing use of ransomware by rough players and foreign governments to target the national infrastructure of the US and its allies. The report also outlines various high-profile incidents such as targeting the Ukrainian electric grid in 2015 and the WannaCry incident. Although it is suspected that most of these cyber attacks are done by rogue hackers who are suspected to have the support of the Russian government and intelligence agencies.
Apart from Russia, there are many governments that are in play here. Most of them are creating an army of government-backed hackers. Some of those nations include Iran, Saudi Arabia, Israel, and China. This makes the threat of cyber-attacks and ransomware more devastating as extradition and successful prosecution of these government-backed hackers are next to impossible.
Analysis of ransomware in the context of Brazilian laws
When cyberattacks have threatened major international governments and economies alike. Latin America is not a place that remains untouched, especially Brazil as it is one of the major economies of South America and a key member of various international economic organizations such as BRICS. In recent years there have been many cyberattacks that were directed towards Brazil. JBS, whose cyberattack was discussed in earlier chapters, was a subsidiary company whose parent company is Brazil-based. In November 2020 Brazilian Superior Court of Justice along with the Ministry of Health were also subjected to cyber-attacks. Due to domestic and international cyber threats, the Brazilian government on May 27, 2021, made some changes to the legislation which were approved that enforce strict penalties on cybercriminals who target Brazilian businesses and the general public.
According to reports, the Brazilian Penal Code approved law 14.155, which imposes severe penalties on cyber criminals who commit serious offences such as “device intrusion, theft, and misconduct in digital media environments, as well as crimes committed with the information given by someone induced to or erroneously through fraudulent emails, social networks, or telephone contacts.” According to the new legislation, fines and prison terms for cybercrime have been increased if: Economic harm is suffered by the victim.
The cybercriminal invades electronic devices such as smartphones and computers without the user’s consent to obtain, tamper with, or destroy data. The cybercriminal installs malicious software in order to gain unauthorized access to the device or network. The new legislation update has also increased the prison time for cybercriminals. The range has now been set between 1 and 8 years in addition to monetary fines, based on the intensity of the cybercrime. These penalties, however, become harsher if the cybercriminal is from another nation or if the victim is an elderly or vulnerable person or entity. These rapid changes in existing legislation and introducing new laws which are tougher on cybercriminals show the way the Brazilian government is responding regarding the new threats of cyber-attacks and crime.
Currently, there are two legal frameworks in play that are responsible for governing cyber law in Brazil. One is the Penal code and the other is LGPD, which stands for Brazilian General Data Protection law. As the name suggests LGPD is inspired by Europe‘s General Data Protection laws. In the penal code, the main law which covers most cybercrimes is Section 154-A of the Penal code. This section prohibits the unauthorized access of computers or other electronic devices to change or destroy existing data of the host computer or obtain illicit advantage from it. Section 154-A has a wide ambit when it comes to cyber law as it includes denial of service attacks (commonly known as DOS attacks), ransomware attacks, phishing, identity thefts, etc.
In recent years the legal scenario with respect to cyber laws has become highly fluid in nature. Understanding the seriousness of the situation, the government is coming up with new laws and changing old ones to create better legislation in order to fight the rising cyber threat, which Brazil as a state is trying to overcome.
The international scenario of cyber laws regarding ransomware
As many countries are affected by the rise of cyberattacks in recent times, many countries have started to work with other nations in regard to cyber security. In December 2018 the United Nations General Assembly (UNGA) passed two major resolutions: 73/271 on ‘Developments in the Field of Information and Information technology in the Context of International Security’ and 73/2662 on ‘Advancing Responsible State Behaviour in Cyberspace in the Context of International Security.’ The UNGA has set up two parallel mechanisms for dealing with cyber-security through these two resolutions. In accordance with the first resolution, an Open-Ended Working Group (OEWG) consisting of the entire UN membership will be formed in 2019. In 2020, the OEWG will report to the UNGA. Its main functions include continuing researching potential threats to information security and identifying possible cooperative measures to address them; investigating how international law applies to states’ use of information and communications technologies and investigating confidence-building and capacity-building measures. The other resolution also talks about setting up a committee to study the question of norms and behaviours in cyber-space. There is an international effort underway to preserve the security and freedom of expression of users in cyberspace. Hence in countering cyber-security issues, international corporations are most important.
Conclusion
Ransomware attacks are increasing day by day, and they are becoming more and more sophisticated as the existing technology progresses. The biggest issue regarding cyber-attacks including Ransomware is that cyberspace is a place without borders, but the law does have borders. Hence it is highly difficult for nations to keep up their laws in accordance with the changing world especially with changing technology. There are many laws that need to be amended and changed in accordance with the current technical aspects of society.
Nations also need to consider the angle of current geopolitical situations and current international political trends in order to counter this issue effectively. As in this coming day and age, cyber warfare is becoming a reality, and most countries should be prepared for it along with appropriate laws to complement the efforts of the state to counter it, along with effective international cooperation. These are some of the challenges which every nation needs to consider while countering cyber-security issues effectively.
Students of Lawsikho courses regularly produce writing assignments and work on practical exercises as a part of their coursework and develop themselves in real-life practical skills.
LawSikho has created a telegram group for exchanging legal knowledge, referrals, and various opportunities. You can click on this link and join:
Follow us on Instagram and subscribe to our YouTube channel for more amazing legal content.
