Professor Ciaran Martin and Dr Max Smeets talk about his new book, Ransom War: How Cyber Crime Became a Threat to National Security.
What did I get from this event: Cybercrime is no longer only about stolen credit cards and leaked emails, it has become a battleground for national security. This was the focus of the conversation between Professor Ciaran Martin and Dr Max Smeets, a new kind of war, ransomware has evolved from crude digital extortion into a highly sophisticated business model. It’s no longer just about money, it disrupts critical infrastructure, healthcare, and entire governments. The NHS cyberattack in London and the Costa Rican national emergency in 2022 illustrate its devastating impact.
Smeets explains how ransomware groups now operate like legitimate businesses, complete with branding, customer service, and even guarantees. If they fail to decrypt your files after payment, their reputation suffers. Many provide a free decryption demo to prove their credibility—demonstrating the paradox of trust within crime.
The geopolitics of cybercrime often overlaps with national interests. Many ransomware groups originate from Russia, where they operate with implicit state tolerance, as long as they avoid targeting Russian businesses. Russian secret services sometimes leverage these groups for political ends, though the connections remain murky.
Other states are now stepping into the ransomware scene, Ukraine – Once a hub for cybercrime, now co-opting hackers into its war effort, with groups like MB65 supposedly working in support of the state. North Korea & Israel – Expanding their ransomware operations, possibly for both financial and intelligence purposes. China – Running state-controlled ransomware campaigns, but is the goal money or data?
Smeets argues that Western states do not operate ransomware groups, at least not openly. But if cybercrime is now a tool of state power, will governments start adopting more aggressive tactics? We are already seeing discussions about hacking back, sanctions, and even assassinations and drone strikes against cybercriminals.
The Evolution of ransomware has moved beyond lone hackers and small groups. It has professionalised, with specialised teams handling different tasks: Some focus on technical exploits. Others on negotiation and victim management. Others still on money laundering. English-speaking countries are prime targets, as criminals can easily understand and monetise stolen data.
Originally, ransomware groups operated hierarchically, relying on top-down trust structures. Now, they are shifting to decentralised and federated models, outsourcing different parts of the process to specialist teams. This makes them more resilient and harder to disrupt.
How can this be mediated? Smeets offers several strategies to undermine ransomware networks:
- Disrupt trust – Leak internal communications and sow distrust within groups.
- Expose operational methods – Make it harder for them to operate in the shadows.
- Target infrastructure – Dismantle command-and-control systems.
- Sanction financial networks – Make it harder to launder ransom payments.
A ban on ransom payments won’t end ransomware, but it might shift attackers toward easier targets. The core question remains: Is ransomware just about money, or is it a new tool for states to exert power in the digital age?
My view is an alternative path, might social and economic change, the #4opens and redundant data flows work. In a world where cybercrime thrives on secrecy and centralised control, could radical transparency be part of the solution? The #4opens philosophy suggests an alternative: highly redundant, open-data systems that resist extortion because no single entity holds all the power. If data is widely distributed and accessible, ransomware loses much of its leverage. This is a shift from reactive defence to proactive resilience, a challenge to both cybercriminals and #mainstreaming vertical state actors and culture. This is already a core idea behind both the#OMN and #Fediverse networks, but yes we are talking about both economic and social models and paths shifting fundamentally, it’s a project.
