A Lunar Guide to Ransomware: Choose-your-own-adventure
As a Halloween surprise, we decided to play a little game. Following your lead, we traced our way through a ransomware attack that found us all the way on the surface of the moon.
Didn’t get a chance to join in or want to see the story play out differently?
Then jump right in!
For more from the Cyber Statecraft Initiative on ransomware, check out our issue brief:
Let’s get started!
In a backwater and unfashionable solar system hangs a small silver-white moon.
Far from port, the only movement now detectable is a small figure kicking the treads of a stationary transport.
Louise’s voice, muffled by the transparent dome over her head, groans, “Why now?”
Her handheld, equipped with the latest in diagnosis and repair software, blinks insistently highlighting the display that now reads
“HAHA. GOT YOUR SYSTEM. TRANSFER 500 CREDITS TO REGAIN ACCESS. OR ELSE.”
Louise sighs deeply, “What should I do?”
Choice A
Louise sighs to herself, “If I want to get home at a reasonable hour, I guess I have to do it.”
She follows the incredibly thorough directions provided and transfers the money.
Her handheld blinks one last time with the message “THANKS BUD,” before it springs back to life.
Louise frantically scrolls through her handheld, which thankfully now seems to be functioning just fine.
“Well, what’s done is done,” she says to herself, “what should I do now?”
CHOICE A1: Go back to the port and report the incident
Choice A1
In short order, Louise uses up her handheld to gets the transport moving.
She flies over the lunar surface, speeding past the turn off to the extraterrestrial terrain park. When she arrives at port, she heads directly to the Office of the Space Information Security Officer.
Louise explains the incident to Mira, who calmly fills out an incident report.
“I appreciate you coming in, Louise, we’ll investigate any data breaches and find out if this actor has targeted anyone else.”
Louise smiles as she exits the office, “Not bad for a day’s work.”
For more on how to handle a ransomware situation, check out CISA’s Ransomware Guide – I’m sure Louise would have appreciated the guidance.
Choice A2
‘It’s been a long day,’ Louise thinks to herself, ‘I deserve some fun.’
In no time she repairs her transport and whizzes off to the extraterrestrial terrain park. No one can match her speed and skill and Louise comes home much later with a dirty transport and a satisfied smile.
The next week, she travels even further out to test the transport’s newly installed suspension.
Just as she hears a loud crack somewhere beneath her, her handheld blinks to life, “MISSED ME? SINCE YOU LOVE YOUR HANDHELD SO MUCH, I’M SURE YOU WON’T MIND PAYING 500 MORE CREDITS.”
For more on how to handle a ransomware situation, check out CISA’s Ransomware Guide – I’m sure Louise would have appreciated the guidance.
Choice B
With a broken handheld and broken transport, Louise trudges back to the port on foot, batting away the flying phish that bump absently at her head.
She soon picks up her pace, leaping and bounding over the lunar surface.
Exhausted, Louise finally makes it inside the hangar dome and removes the now extremely stinky space suit.
She pauses at a split in the walkway, “Where would be the best place to find help?”
CHOICE B1: Space Information Security Officer
CHOICE B2: Intergalactic Investigative Initiative
Choice B1
Louise heads straight for the office of the Space Information Security Officer and hands her the device.
“You didn’t pay?” Mira asks.
Louise shakes her head and receives an answering smile.
“Good,” Mira says, “I’ll take it from here.”
Mira continues, “We’ll isolate the device from the network to prevent spread, look for data breaches, and see if anyone else has been affected.”
Louise smiles as she exits the office, making her way back to the depot to get her transport a tow back, “Not bad for a day’s work.”
For more on how to handle a ransomware situation, check out CISA’s Ransomware Guide – I’m sure Louise would have appreciated the guidance.
Choice B2
Louise, smoothing her unkempt hair, knocks on the door of the Intergalactic Investigative Initiative.
After explaining the incident, the agent says gruffly, “I appreciate you coming in, we’ll isolate the device from the network to prevent spread while we investigate.”
“Don’t worry,” he continues, “we’ll find out if your data has been compromised and track down the actor responsible.”
Louise smiles as she exits the office, making her way back to the depot to get her transport a tow back, “Not bad for a day’s work.”
For more on how to handle a ransomware situation, check out CISA’s Ransomware Guide – I’m sure Louise would have appreciated the guidance.
The Atlantic Council’s Cyber Statecraft Initiative, under the Digital Forensic Research Lab (DFRLab), works at the nexus of geopolitics and cybersecurity to craft strategies to help shape the conduct of statecraft and to better inform and secure users of technology.