Interpol: Government-Developed Cyberweapons May End Up in Hands of Criminals Soon
Cyberweapons are a broad term that can be used to describe anything from keyloggers to ransomware, or to something that takes down an energy grid. With governments creating evermore powerful versions, fears are growing that they could end up in the hands of criminals.
Cyberweapons used by governments today may be used by criminals tomorrow, warns Interpol Secretary General Jurgen Stock.
Cyberattacks more than doubled in 2021, according to the World Economic Forum’s Global Cybersecurity Outlook. Stock fears that in the future, criminals will have even more powerful tools at their disposal as he expects cyberweapons used by governments to start appearing on the darkweb. He warns the shift could unfold in the next few years.
“That is a major concern in the physical world — weapons that are used on the battlefield and tomorrow will be used by organized crime groups,” Stock said while speaking to a panel moderated by CNBC at the World Economic Forum in Davos, Switzerland. “The same applies for the digital weapons that, maybe today are used by the military, developed by military, and tomorrow will be available for criminals.”
Cooperation with private businesses could go a long way towards addressing the problem, Stock said, as he called on business leaders to work with governments by providing cyber breach reports. “Without your reports, we are blind,” he said.
Cyberattacks can take many forms, but the most popular is ransomware attacks. Hackers encrypt critical data on their victims’ servers and computers and demand a ransom payment, usually in cryptocurrency, in order to provide the keys to unlock the data.
That puts companies in an unenviable position, having to choose between losing their data or paying the ransom and encouraging more attacks in the future. In 2019, an Alabama hospital was forced to shut down its system for eight days while it dealt with a ransomware attack.
During that time, a baby was born with its umbilical cord wrapped around its neck, causing severe brain damage. The baby died nine months later, a death the mother believes was preventable. That has since turned into a lawsuit against the hospital, and if the court rules in favor of the plaintiff, it would be the first death partially attributable to a ransomware attack. The case remains ongoing.
Governments aren’t the only ones developing cyberweapons, oftentimes they are purchased by government agencies from hacking groups. In fact, in 2015 it was revealed the FBI purchased snooping software from a group called Hacking Team. That same group has sold their tools to some of the world’s most oppressive regimes, who use them to crack down on dissent.
Although such tools are likely already on the darkweb, Stock believes similar but more powerful tools that could take down a country’s electrical grid may be just around the corner.
“Our problem is not needing ‘next-gen’ AI, blockchain or whatever else,” Robbert Lee, CEO and co-founder of Dragos cybersecurity forum told CNBC, “our problem usually is just about rolling out with things that we’ve already invested in.”