a new situation, where am i now? will i have to rhonda and the fight and said that we should move up to i don't anything can help in any way you said that she would love to i wouldn't be able to through to you. she would now you're going to school now to him. line. ah, this is onto there and these are the top stories billionaire richard branson has officially reached the edge of space for failing a lifelong dream and making a dramatic step forward for space tourism relief, fransen and 5 all those travelled aboard his company. virgin galactic winged rocket ship for a few minutes. the crew with weightless. there's not one the mission statement that i wrote inside by space to was to turn the dream of space travel into

a reality for my grandchildren, your grandchildren, and how many people are alive today for everybody. and having flown to space, i can see even more clearly how virgin guide is the space line for the way here to make space more accessible to all. and we want to turn the next generation of dreamers into the astronauts of today and tomorrow at me. and england will face off the final of the euro, 2020 football championship at london's wembley stadium and under 2 hours. this is the 1st final for the england men team and europe's top football tournament. the tournament comes at a time that the u. k. government is concerned of the rising number of cases of the coven. 19 delta variant. around 60000 people are expected at wembley stadium for the euro. 2020 football final. later australia is grappling with the delta variance

with its 1st corona virus death this year. so far is much better than many of the developed countries and keeping infections low, but it's been criticized over it's slow vaccine rollout. now, cases are on the rise in new south wales, even though the bigger city sidney is in its 3rd week of lockdown. thousands of people in bosnia and herzegovina have pause to own a victims of the 995 stripper needs a massacre. as part of the memorial to mark the 26th anniversary of the genocide remains of 19 newly identified victim who buried protests against the palestinian authority has been taking place in the occupied westbank. there are thing calls for weeks now for palestinian president mahmoud abbas to quit after the death of an activist in p, a custody. those the headlines use continues here on al jazeera inside story. i'll see after that a bye for now. news. news

. news. ah, the u. s gives russia an ultimatum. stop ransomware attack hackers extort millions of dollars by targeting businesses and infrastructure. so what's needed to stop the cyber criminal and contain the threat to global security? this is inside story. ah, ah, ah. hello and welcome to the program. i'm mohammed, jim. jim ransomware attacks are becoming a global security threat. hackers break into computer systems lock up files and

hold them for ransom. as the name suggests, many cyber criminal networks are believe to be in russia with most of their victims in the u. s. a recent attack on an american i t firm crippled, nearly $1500.00 businesses around the world. this prompted us president joe biden to demand action from the kremlin. he told latimer potent to stop the hackers. if not the us may retaliate by attacking ransomware servers. when the pair met in geneva last month, bite and gave put in the list of 16 critical infrastructure sectors that he said were off limits to cyber attacks. us politicians have been urging biden to do more . well, i mean fast . whereas credits were already coming from historical, even though it's not, not sponsored by mistake,

expect them to actually give them enough information to actually do that. and secondly, that we've set up the cases about a regular basis to be able to communicate to one another when it was things something happened, another country back to the home. so it went well and you said, well, there are, yes. ransomware gangs have launched a series of high profile attacks in recent months. an assault on colonial pipeline in the us disrupted almost half of the east coast fuel supply in may. the world's largest meet supplier j b s, had to pay $11000000.00 to resume its american operations last month. and last week, around 500 co op supermarkets were forced to shut in sweden. they were affected by an attack on one of the chains. software suppliers in florida. ransomware attacks were estimated to cost american victims around 1400000000 dollars last year.

the. all right, let's bring in our guess in birmingham, michigan, richard steen and chief research analyst at i t harvest. richard is also author of the books there will be cyber war and cyber defense countering targeted attacks in toronto, albania, clear minority founder and ceo of pen geo wire group, a geopolitical consultancy, and geneva defined to get chief executive officer of cyber peace institute. stefan has led projects to counter cyber crime and online terrorism. a warm welcome to you all. thanks for joining us today on inside story. richard, let me start with you today. i just like to take a step back for a moment and ask you to explain to our viewers what exactly constitutes a ransomware attack and how it works. yeah, it's pretty straightforward. a attacker find some vulnerability inside

a network ground, somebody's computer infects it, and downloads tool, the ransomware software itself that encrypts the complete hard drive making without a key that you know about. so it makes it impossible to get access to your data. if it's spread throughout a large network like calling your pipeline, it can shut down all of the office systems of an organization. and then the attacker demands ransom usually right on the screen of the infected computer. and they say pay us x amounts in fairly untraceable crypto currencies. and we'll give you the key to decrypt your hard drive. and it's as simple as that, but it's devastating placement until recently, the u. s. was treating ransomware as more of a criminal problem or a criminal act. it seems that the thinking on that really changed, especially after this colonial pipeline attack. and also this attack that happened over the 4th of july weekend,

is it now the case that the u. s. is treating ransomware and ransomware attacks is more of a national security threat as seen. so mohammed, but i think the main point to stay here is that shouldn't, shouldn't take a seismic cyber type. so the u. s. government to reassess the priority when it comes to cyber. the us government has no for a long time to talk to people to they're always growing if something cheaper and more accessible to anyone who wants to learn how to use it. and they can cause devastating repercussions for the action that they take. so this is, i think, a little bit too late, but hopefully not too little in terms of their reaction to the cyber types. stuff on how difficult is it to deter ransomware attacks it's linked to the complexity of the chain x because of the read. some was a very simple type of attack, the actors behind it,

quite numerous. we saw in the very same time that the rent somewhere business model . he showed me to like this evil from a one criminal group during the whole criminal chain to his life. again, in between criminal groups, you know, that's what i want to put targets in a very recent case. it's wrong good, specifically, specialized into finding it in the system to make the intrusion and using another criminal group affiliation program in order to deploy the run some way. so the question of the parents, it's about the responsibility of states to reduce the space or the criminals, the benefits today in order to leaving the broad infinity in cyberspace because it's human mis here. i mean, you know, they're not these guy know who the that is hiding behind a computer. cyber crime as a whole and cybersecurity responsibility of states and state will be modern for

maneuver to make this a successful difference company. richard, president biden has warned president, and yet again demanding that russia do more to crack down on cyber warfare and ransomware attacks. we've been down this road before, but if the u. s. now decides actually retaliate against russia, what exactly can it do? what does a retaliation look like? how does it play out and can russia then just escalate all of this and can it get worse? yes, to that last question. and that's the trouble with retaliation. but obviously, president biden has a diplomatic options. he even has military options as it's been over 10 years that the military has been kind of granted the ability to respond with

kinetic attack against cyber attack, which they probably would in certain limited cases. in this case, it sounds like president biden is threatening of cyber attack. that would be in kind and proportional the, you know, us government has tremendous cyber capabilities. and one of the dangers of using those overcame cyber capabilities is they might be using some zeroed a vulnerabilities that they've researched or developed themselves. and as soon as they use them, the victim has copies of it and can reverse engineer and turn it around and use it as a weapon against their own victims. so it's very dangerous to use some of those technologies, which i think explain some of the reticence of the talented community in the military and using these cyber weapons. so. ready it might take longer to create

a cyber weapon that reuses resting capabilities. so they're not giving away anything new. and they turn around and use those things to conduct some sort of disruptive attack. policemen, what are some of the ways that countries around the world can engage in cyber warfare these days? think it's very easy to paint it all with brush as riches that in the past definition have different ability. but also companies have abilities to protect themselves against cyber attacks. and individuals themselves are always developing new ways in which in which to use cyber in their arsenal. of of attack. so when it comes time to understanding the cyber landscape is what is easiest thing, cyber attacks as one title. there's so many different ways in which cyber can be used to be, we're on, can last by aware, etc. and to really to, to understand this, i think it takes someone who do is defending their architecture through to understand it more so than the attacker who can do just this 11 weakness in the defenses of their target to cause not damage so far when we're talking about

ransomware, we're not talking just about cyber criminals. we're also talking about an industrialized business these days, right? i mean, how sophisticated are these groups and how sophisticated are there operations? so the recent history of around show the continuous innovation in the criminal model and from the experts encrypt consistent in order to old victim that we came to rental. and then it was not enough. so long side detect it was interested in the system just before blocking everything, steaming all the data. so that was not being there wasn't 2nd level of the black mail. if you don't be, we are going to make sure that your data would be like next on the internet. and we've seen a nother very documentation, which is the data that the stolen. they are used,

targeted black males to each and every victim. that in fact, of their own data as part of the system that was targeted, we saw that let's go in finland where patients organic. so their data stolen by criminal, each one of them was completed by the criminal not to say how you pay. i'm going to put your life your conversation, we psychologist out there on the internet. so it's quite a complicated business model, the to your point before any state policy, any state foreign policy should start and looking at the human cost of a duck. so any dream that escalation that everything is going to have the parents is just the dream. because at the end of the day, escalation will only lead to sophistication of attack and will continue to the want to that even more when you and i, everyone that is using the richardson i was just talking about the business model

of these ransomware criminals. as i understand it, they usually demand payment in crypto currency. and so i want to ask you if that makes this all much harder to trace. yeah, completely and that's very affect the, you know, the cause of the surge and ransomware tags was the availability of almost random way of getting paid. so in the past, the ransoms were demanded with wire transfers and western union, things like that. they're ultimately, you know, we're because of money laundering. we're very traceable. and in 2009, we saw the 1st ransomware using bitcoin. and now there are different versions of a couple of currencies that are even less traceable when big coin it. so it's definitely the driver of all of us. policemen, if we're now at a moment where we are seeing countries start to shift their attitudes and treat

cyber criminals more as threats to national security or even potentially terrorists . what legal avenues are available to these countries? how can they go after them going forward? that's a very good question. and then i think what was missing so far in this conversation with the legal aspect? because any action that a nation state takes, they need to consider the legal ramifications and russia, i think, has for me some of the best legal scholars. because they are able to cause a lot of damage and do a lot of things which is in the grades on of, of the law. so for a nation which is being attacked, they're able to use the same methods that have been used on them to bring that guilty nation back in line with international law. but the issue is, is actually finding what the, what law they broke in order for them to retaliate our way. because we can't find a legal basis for their retaliation. the best they can use our torsion techniques,

for example, sanctions or expending drugs, which is what the us and europe have been doing towards russian, russian attackers for a long time. so it's the legal basis. what laws are they broken specifically? and when that that comes their legal, i've been if you through then respond to that the attack, what becomes even more difficult is building coalition to say yes, this is what i, what this is what has happened. and this is what we're going to do and respond back to you. this is very difficult to bring a consensus together. and the tale manual which was created and i think in 2007, 8. and it was updated recently explains the legal basis for cyber attacks, outer space attacks and, and other legal agree zones which nation states and companies are facing in the modern world. 7, let me ask you the same question. what are the legal avenues available to countries around the world to deal with this? and also, are we going to start seeing more of a global and coordinated effort to counter the threat posed by ransomware?

thank you, sir. the question the, let's not forget that the cyber just mean to an end. so if you then just cyberg ability is happening in the context of complex economic conflict between states, then the roles that are very well known and those but international community applies. international humanitarian law, charter trusts, international law, and so on. there's also some specific convention in the complex for cyber crime that exists some states and it's not been up it's convention and you have the body of unknowns because even recently again, updated in the united nation. the g g e, open working group, which is also explaining quite clearly dictation in terms of behavior that would be predictable and very transparent by so a lot of the problems that wife attacks. oh,

exploding i would say at the speed of, of life. well the, the community cannot even react, no, a dispute overload. so even in the body over there is not put in place. what, what is that to be done is more a acceptance by states that they are comfortable, that they come to be in for the bridge that did take the load that the b to there should be going to be today. the problem is that when there's a duck, there's not this body of knowledge that will be available for the victim. because again, we think in a said the piece listed to the bottom actor here is the victim. that what that person to understand or have been at that, and you can refer to in order to get to repair or to get to just this is that one. and this is information that can use, you know, the to seek redress. and this is absolutely amazing. richard, you know, this attack that occurred over july, 4th weekend, the targeted this american ip from, i believe the company was based in florida. you know, this crippled nearly 1500 businesses around the world that is staggering to think

about. i'm curious to get your thoughts on how much america cyber defense is, whether it, whether it comes to, you know, private enterprises or whether it comes to government institutions actually need to be beef up beefed up right now and how vulnerable as the country from cyber attack it feels like i've been beating this job for at least 20 years, and most people in the security industry feel the same way. it's we keep telling you what to do and you don't do it. and i think it's just because that, you know, a business managing somebody else's id is just not aware of, of all the dangers to them. and casea in, in the united states have a piece of software that was completely vulnerable. and several researchers had pointed that out over the years, including a group in the netherlands. and those on abilities were used in a very targeted and campaign that occurred, of course, friday of

a 3 day holiday in the united states. so people will be able to react quickly enough to it. so i think that, that, yes, everyone's vulnerable, of course, is not the united states. as brown's as united states is the most, you know, connected to the internet and relies the most in is driving the most benefit from technology, right. in the end, there's millions of companies sort of moved to using the internet and the web and interacting with customers, especially post coven working with their employees remotely. so the vulnerability and exposure just increases constantly and grows as fast as everybody's economies have been growing since the late 1900 ninety's. so we're just wide open and it's something we have to learn to live with. chrisman is the cybersecurity industry stretched far too thin right now, and if so, what are the implications of that? sure. i think the thing to keep in mind, or how does that look,

every company has the same capabilities, financial, and also in terms of their knowledge base to deal with the cyber attacks. you know small, medium sized enterprises, especially a cobit are barely getting by as it is. so add onto that cyber costs and cyber regulation and cyber preparedness, which is not going to not develop as an industry unto itself, which is it is currently developing probably to the size of a money laundering legislation and, and checks if you see cyber becoming an industry to itself, which is cost businesses are going to rise, which means that bottom lines are going to be squeezed, which means they're going to be under a lot more pressure and stress, especially now during koby, we don't know when this content, so it's costs are a big thing, it's also their knowledge is also another big thing and also bigger firms and now think about how to defend against them, which is going to cost money. but the good thing that's coming out of this is that the governments are waking up more and more so slowly or b as we can a more, more so to helping the private sector a combat cyber attacks. although if you also criminals,

they said that nothing would turn them to just continue being more innovative. and, you know, finding whole the systems as time passed, which is natural. the technology is like this. it's continuous and it's exponential in its development. so it's going to continue about 0, and this is only the beginning to find, i want to get back to the issue of crypto currency for just a moment from your vantage point. how much has the availability of crypto currencies contributed to the rise of ransomware attacks? so it's one of the many accelerate things like that, but not the only one that affect it. of course you cannot escape the follow the money trail. he's helping a lot, a criminal scheme, but just not on the run. some way i would say it's, it's an impact on the why the organized crime ecosystem. but never forget that kind of innovation. again, it's one of the money i've been call these 3 of crime for, for decades. before i read somewhere, before people currencies, there was

a lot of fantasies that the criminals were moving the money across bank account in the world. when fact were using cash and very innovative way to use cash or around the world to make sure they would profit from the crime. so we should be careful about this patricia, a way to investigate properly. ransomware would be to clear capability to get all the money on ring ring for the criminal model. richard, i saw you nodding along to some of what's the phone was saying there, did you want to jump in and add to the point who was making? yeah, i follow the solution, so security solutions and now i am seeing several organizations that are trying to track rants where wallets actual long identifiers associated with, with each crypto currency and their co lading with anybody who is attacked by ransomware. shares say this wallet is the one that, that they want me to pay into. and by that they're kind of doing a broad,

broad based analysis of where all the money is flowing. because eventually, you know, each crypt a wallet that's used is emptied and put into a bigger one. and that's probably the one that belongs to the cyber criminals. so there's technology coming to bear to hope to locate and identify the people who are controlling berg, the ransomware attacks savannah. look like you want to jump in as well did. did you, did you have a reaction? yes, very good point is just me know and make me think about your question before what can states do in terms of exclamation resources, investments in law enforcement in independent justice. you know that to be sure that when criminal innovating and at the same level of innovation when it comes to investment and just it's not something that is coming from the author. point of view of how to make instigation. but i mean, the right resources for the entities,

no improvement, and just out there to protect the policeman from your vantage point. what are the concrete steps that need to be taken to stop cyber criminals and to contain this threat to global cybersecurity? i think containing a threat like this is an illusion because we've opened, we've opened pandora's box when it comes time to these kinds of technologies and the more nation put money behind it, the more cyber or criminals are going to have knowledge of how to say, how to overcome these kinds of tests, i don't think we've seen something of this magnitude globally ever before in our human existence. where with very simple means one after and was a lot of damage, non physical damage to, to an industry, to, to, to security, to energy, energy assets accept. so this isn't something that can become contained as such. i think this is something that can be monitored and protected against incrementally as time passed, but a sort of

a silver bullet 30. and if it in the bud isn't going to be available anytime soon. because technology will continue to hold. asters are going to continue to grow, it's going to become cheaper, and it's going to be more of a headache for governments and also for corporations as time passes. all right, we have run out of time, so we're going to have to leave the conversation there. thanks so much all of our guests richard, stan and policemen were artie and it's defined to got and thank you to for watching . you can see this and all of our previous programs again, anytime by visiting our website or 0 dot com. and for further discussion, go to our facebook page at facebook dot com forward slash ha, inside story. you can also join the conversation on twitter. our handle is at a g inside story for me. mm hm. a jim, jim and the whole team here. bye for now. the news

news departed from the u. k. indoctrinated by somali as how can a young man disillusion by violence? we build as light. excellent. we're going to make a mistake and re unite. it's common africa. no knife for me is also my kid. last warrior, a witness documentary on a wizard . bang. energy and change came to every part of our universe. more small to continue the change all

around the shape by technology and human ingenuity. we can make it work for you and your business when a war crime is committed, is it kind of how does it follows that garzon human rights investigator on his unprecedented journey to the french high court? i says that every place to make sure that ought to bring its taking on the arms trade in his fight for justice, for innocence, palestinians and their families made in france on all disease love to clear out. one of the world's most famous film festivals is back with love mandatory and the social distance thing in place in some countries unable to attend

and the very piece of recreate the magic y coverage of the council festival. now, we understand the differences in the cultures, the cost to what movie news and current does that matter to you? i this is al jazeera. ah hi there, i'm kimbell, this is ben you all from coming up in the next 60 minutes. when richard branson's rocket powered plain reaches the edge of space and takes a step toward commercial face tourism had long.