REvil is a solid choice for a villain’s name: R Evil. Revil. Evil and yet fun. I could imagine Black Widow, Hulk and Spider-Man teaming up to topple the leadership of REvil Incorporated.
The criminal gang using the name REvil may have enabled ransomware attacks on thousands of small businesses worldwide this summer — but the ransomware problem is bigger than REvil, LockBit or DarkSide. REvil has disappeared from the internet, but the ransomware problem persists. REvil is a symptom, not the cause. I advise Tony Stark and his fellow Avengers to look past any one criminal organization — because there is no evil mastermind. Ransomware is just the latest in the 50,000-year evolution of petty criminals discovering get-rich-quick schemes. The massive boom in the number of ransomware occurrences arises from the lack of centralized control. More than 304 million ransomware attacks hit global businesses last year, with costs surpassing $178,000 per event. Technology has created a market where countless petty criminals can make good money fast. The best way to fight this kind of threat is with a market-based approach. The spike in global ransomware attacks reflects a massive “dumbing down” of criminal activity. People looking to make an illicit buck have many more options available to them today than they did even two years ago. Without technical chops, people can steal your data, hold it for ransom and coerce you to pay to get it back. Law enforcement has not yet responded to combat this form of cybercrime, and large, sophisticated criminal networks have likewise not yet figured out how to control the encroaching upstarts. The spike in ransomware attacks is attributable to the “as a service” economy. In this case, we’re talking about RaaS, or ransomware as a service. This works because each task in the ransomware chain benefits from the improved sophistication enabled by the division of labor and specialization. Someone finds a vulnerable target. Someone provides bulletproof infrastructure outside of the jurisdiction of responsible law enforcement. Someone provides the malicious code. The players all come together without knowing each other’s names. No need to meet in person as Mr. Pink, Mr. Blonde and Mr. Orange because the ability to coordinate tasks has become simple. The rapid pace of technological innovation created a decentralized market, enabling amateurs to engage in high-dollar crimes. There’s a gig economy for the underworld just like there is for the legal business world. I’ve built two successful software companies, even though I’m an economist. I use open source software and rent infrastructure via cloud technologies. I operated my first software company for six years before I sought outside capital, and I used that money for marketing and sales more than technology. This tech advancement is both good and bad. The global economy did better than expected during a global pandemic because technology enabled many people to work from anywhere. But the illicit markets of crime also benefited. REvil provided a service — a piece of a larger network — and earned a share of proceeds from ransomware attacks committed by others — like Jeff Bezos and Amazon get a share of my company’s revenues for the services they provide to me. To fight ransomware attacks, appreciate the economics — the markets that enable ransomware — and change the market dynamics. Specifically, do three things: