John Oliver on ransomware attacks: ‘It’s in everyone’s interest to get this under control’

Last Week Tonight host delves into the increasingly common and destructive surge of ransomware attacks on governments, companies and private citizens

On Last Week Tonight, John Oliver delved into the murky, increasingly common and destructive world of cyberattacks, particularly ransomware attacks in which hackers infiltrate a network, seize critical data, and demand a ransom to unlock it.

Ransomware attacks have in recent years grown in scope and significance of the damage – in May, a cybercriminal group known as DarkSide infiltrated the networks of Colonial Pipeline, forcing the company to shut down its 5,500 miles of pipelines and causing panic-buying runs on gas stations in the south-east. Just two months later, an attack on Florida-based IT systems company Kaseya was considered the worst ransomware attack to date because it spread through multiple customer networks and affected 800 to 2,000 businesses, from supermarkets in Sweden to schools in New Zealand.

“If you’re thinking, hold on, is it just me or did there not used to be a ransomware attack every two months? You’re actually right,” said Oliver. “Over the past few years, it’s gone from a trickle to an absolute flood.” The estimated ransoms paid quadrupled last year to $350m – “definitely an undercount”, said Oliver, “because companies often don’t publicly disclose ransomware attacks for fear of negative press or lawsuits”.

Ransomware attacks have caused chaos for city governments such as Baltimore and New Orleans, as well as school districts and hospital systems, 85% of which do not have a qualified security person on staff. “Even organizations that are scrupulous about backing up data so that it could be easily recovered can still be vulnerable, because hackers are not just encrypting data, they’re also threatening to release files or personal information publicly,” Oliver added.

Russian-speaking hackers released the personal information of 22 DC police officers this May; in 2017, hackers demanded $6m from HBO under threat of releasing unaired episodes of Game of Thrones, “which, to be honest, is a pretty weak threat”, said Oliver. “If HBO is going to be publicly humiliated, it’ll be by releasing the last season of Game of Thrones on its own terms.”

Most ominously, ransomware attacks now threaten numerous internet-connected, “smart” in-home devices, such as thermostats, TVs, ovens or even internet-enabled sex toys, such as a butt plug. Which prompted Oliver to remind his audience “arseholes are like opinions – letting the internet be in charge of yours is a really bad idea”.

Oliver was legally obligated to say that the butt plug comes with a physical key for emergencies, “which I’m not sure is completely reassuring – keys do get lost, don’t they? Just picture the last time you searched for keys around your house and now raise the stakes significantly.”

The point, he continued, was that the costs of ransomware keep raising, as the barrier to entry keeps lowering. The explosion in attacks derives from three main factors. First, ransomware as a service, as in hacking programs sold a la carte, precluding technical know-how. “Ideally, no one would launch ransomware attacks,” said Oliver, “but my next preference would be that launching one should require significantly more work than simply clicking ‘add ransomware to cart.’”

Second, the rise of cryptocurrencies, which has made it easier to make money from ransomware attacks, and more difficult for law enforcement to recover it. But “despite the fact that hackers now have the ability to make their financial transactions in secret, it is not always that hard to figure out where exactly the money is going,” said Oliver, pointing to videos of Russian hacking group “Evil Corp” obstructing traffic with donuts by a Lamborghini (license plate, in Russian: “thief”), posing with stacks of cash and stroking a pet lion cub.

“There’s actually a reason that those hackers felt so comfortable driving around with license plates that are basically an admission of guilt,” Oliver continued, as several countries, particularly Russia, operate as “safe havens” that will look the other way as long as the ransomware attacks are outside their borders.

“When you put all of this together – with cybercriminals able to buy ransomware off the shelf, get paid in a currency that’s hard to trace, and work free from state interference – is it any wonder we have such a massive problem on our hands?” Oliver wondered.

The host did note some encouraging developments: the justice department recently formed a task force to curtail the proliferation of ransomware attacks, and the infrastructure bill passed this month includes $1bn for improving local governments’ cybersecurity.

Oliver also urged individuals and private businesses to take their own preventative steps: set up two-factor authentication, keep computers up to date, and avoid clicking on suspicious emails. “I know that those measures sound small when we’re facing something so terrifying,” he said, “but in a world where most people’s doors are unlocked and wide open, just locking your door might be something of a deterrent here.

“The fact is, it is in everyone’s interest to get this under control,” Oliver concluded, “because right now, it really, really isn’t”.

• This article was amended on 17 August 2021 to restore British English spelling to a quote from John Oliver, in line with the host’s own pronunciation.

Contributor

Adrian Horton

The GuardianTramp

Related Content

Article image
John Oliver rips union busting by companies: ‘It’s all about killing momentum’
Last Week Tonight host explains how large companies break up unionization drives and the ineffective consequences for breaking the law

Adrian Horton

15, Nov, 2021 @4:46 PM

Article image
John Oliver on exploitable voting machines: 'We must fix this'
On the Monday of election week, The Last Week Tonight host takes a closer look at a critical part of America’s election infrastructure: voting machines.

Adrian Horton

04, Nov, 2019 @4:58 PM

Article image
John Oliver on the US power grid: ‘It’s not failing us, we are failing it’
The Last Week Tonight host digs into the numerous strains – age, climate change, neglect – on the US power grid and urges prioritizing its upkeep

Adrian Horton

08, Nov, 2021 @4:35 PM

Article image
John Oliver: When Trump 'uses the word thugs, you know what it’s code for'
The Last Week Tonight host responds to America’s ‘brutality bingo’, the protests over George Floyd’s death, and attempts to discredit mail-in voting

Adrian Horton

01, Jun, 2020 @5:16 PM

Article image
John Oliver rips into US clean-energy loans: ‘This business model is fundamentally flawed’
The Last Week Tonight host digs into a government program whose lack of oversight has left many risking their homes

Adrian Horton

21, Jun, 2021 @3:53 PM

Article image
John Oliver blasts Trump's 'irresponsible' handling of coronavirus
Last Week Tonight dissects Trump’s mishandling of the crisis and dismantles arguments pitting seniors against the economy

Adrian Horton

30, Mar, 2020 @3:55 PM

Article image
John Oliver explains China's 'appalling' treatment of Uighurs
The Last Week Tonight host called for action in response to Beijing’s human rights abuses against its Muslim Uighur minority

Adrian Horton

27, Jul, 2020 @3:37 PM

Article image
John Oliver: Mueller report reveals 'cartoonish levels of incompetence'
The Last Week Tonight host unpacked the redacted version of the Mueller report, from ‘crazy shit’ to unearned victory laps

Adrian Horton

22, Apr, 2019 @4:52 PM

Article image
John Oliver on Trump's refusal to concede: 'Absolutely unforgivable'
The Last Week Tonight host debunks Trump’s baseless claims of fraud and warns agains the damage of humoring the president

Adrian Horton

16, Nov, 2020 @5:39 PM

Article image
John Oliver: Trump's pandemic leadership has been 'borderline sociopathic'
The Last Week Tonight hosts rips Donald Trump’s leadership during the pandemic as eight months of ‘damaging lies’ and ‘staggering incompetence’

Adrian Horton

02, Nov, 2020 @5:11 PM