In recent years, the threat of cybercrime has escalated dramatically, affecting various sectors from national security to everyday life. Ransomware attacks have become a lucrative business for cybercriminals, with global costs projected to exceed $40 billion in 2024. The normalization of cybercrime, once seen as a niche threat, now poses a significant risk to nations, corporations, and individuals alike. To address this growing menace, experts Frank Cilluffo and Joshua Whitman argue that the United States should designate certain nations as sponsors of cybercrime, similar to its designation of state sponsors of terrorism.
The concept of “digital solidarity” was introduced in the U.S. International Cyberspace and Digital Policy Strategy released by the State Department in May. However, this strategy fails to address a crucial aspect of combating cybercrime: identifying and designating nations that provide safe havens for cybercriminal organizations. Countries that allow cybercriminals to operate without fear of prosecution create an environment where these criminals can thrive, plan sophisticated attacks, and launder their illicit gains.
Russia is often cited as a prime example of a state that provides a safe haven for cybercriminals. While publicly condemning cybercrime, the Kremlin quietly supports hacking groups that do not target Russian interests. These hackers often cooperate with Russian intelligence, sharing stolen data in exchange for protection from law enforcement. According to a TRM Labs report, Russian-speaking ransomware groups accounted for at least 69% of all cryptocurrency proceeds from ransomware in 2023, amounting to over $500 million.
North Korea presents another alarming case. The regime has embraced cybercrime as a means to fund its nuclear ambitions and circumvent international sanctions. Unlike traditional organized crime, where criminal groups infiltrate the state, North Korea’s government directly controls and utilizes cybercriminal activities. North Korean hacking units operate under the direction of the state, conducting ransomware attacks to generate funds for the regime. These hackers often work from countries with lax cybersecurity, complicating efforts to track their activities.
The proliferation of cybercrime safe havens has created a self-reinforcing cycle that jeopardizes not only the digital security of the U.S. and its allies but also the overall stability of the internet. Countries that ignore cybercriminal activities within their borders incentivize hackers to relocate to these safe havens. This dynamic poses a threat to the economic prosperity and national security of nations committed to upholding the rule of law.
To combat this escalating threat, Cilluffo and Whitman propose that the U.S. should implement a comprehensive strategy that includes designating states as sponsors of cybercrime. This designation would allow the U.S. to leverage sanctions, diplomatic penalties, and other accountability measures against nations that harbor cybercriminal organizations. Similar to how the State Department produces annual reports on terrorism, a framework for cybercrime could identify major cybercriminal syndicates and document their activities, holding nations accountable for providing safe havens.
Despite potential concerns that such designations could escalate tensions between nations, the risks associated with inaction are far greater. The U.S. intelligence community has already tracked the cyber activities of countries like Russia and North Korea, indicating that the necessary evidence exists to support these designations. By taking decisive action, the U.S. can initiate a process of international accountability that could compel nations to reconsider their support for cybercriminals.