The rise of the geopolitical hack

In late 2020, a cancer charity contacted the U.S.-based cybersecurity company GroupSense in a panic. One of the world’s largest cybercrime gangs had infiltrated the organization’s computer system and kidnapped its data. An ominously worded message explained that the hackers were willing to restore the nonprofit’s records in exchange for several million dollars.

The digital ambush thrust the charity into uncharted and potentially catastrophic territory. Paying the requested amount was unthinkable for a nonprofit group, and even if it were able to foot the bill, news of the breach trickling out to donors could be devastating. The organization eventually turned to GroupSense, which has carved a niche out of negotiating ransom payments between hackers and victims, for help. 

“They were like, the number is so far off the mark that this seems hopeless. We’re doomed,” said Kurtis Minder, the company’s founder and CEO. 

The middlemen agreed to step in.

Malware whacks a computer like a mugging. Meanwhile, ransomware — the new gang on the corner — looks a lot like a kidnapping, taking digital files or whole computer networks hostage. Only a sizable, sometimes enormous payout, usually in cryptocurrencies, buys freedom. They are schemes to defraud and steal, and the intent is criminal.

Or is it much more than that?

Ransomware’s parallels with disinformation are striking. While most high-profile ransomware attacks are in the U.S., U.K., and Europe, the vast majority of attacks occur in countries facing political instability, such as those in Latin America and Africa.

Many digital hostage-taking organizations originate from the same hotbeds where disinformation campaigns are generated, like Russia, Ukraine, North Korea, and the Philippines. Ransomware travels the same political divisions as disinformation campaigns, trafficking in the exploitation of economic inequality, fear of immigrants, and racial resentments to undermine public trust in institutions and belief in social stability.

Where disinformation uses noise and incoherence to sow doubt and spread division, ransomware does something similar: it, too, is an agent of…