Cyber attacks using ransomware are on the rise, and ransom payments to hackers are also increasing. Cryptocurrency and exchanges where digital currency can be traded anonymously have become key tools for cyber extortionists. The huge sums paid by companies to regain control of their computers would have been nearly impossible to move to any other legitimate currency market, experts say.
How is crypto used in cybercrime?
A typical ransomware attack against a business or organization might go as follows: Executives realize that their company’s website is down or systems are inaccessible, and administrator replacements are not working. A ransom note arrives via email, providing a Bitcoin address where payment must be made if the company wants its systems to be up and running again, as well as a deadline. The victim calls the Bitcoin address, which is 26 to 34 characters long, when they log into a cryptocurrency exchange to make the deposit.
What makes crypto attractive to criminals?
The anonymity built into the digital ledger system known as blockchain, which forms the basis of cyber currencies, can be exploited by various maneuvers. A ransom paid in Bitcoin can be quickly executed through a so-called cryptocurrency mixer, which obscures the track of ownership by pooling it with other people’s holdings. (While the practice itself is not considered illegal, mixing operators can get into trouble if they have laundered money obtained illegally.) Another option is to convert the ransom payment into crypto. -different currency via a crypto exchange. So-called money mules can be recruited from dark web forums and asked to withdraw Bitcoins from certain accounts.
How much was stolen this way?
Ransomware attacks took off in 2020, when victims paid attackers more than $ 406 million in cryptocurrency, according to blockchain analytics firm Chainanalysis Inc. This year, groups took at least $ 81 million. dollars to victims in May, the company said. Cyber security firms claim companies have paid millions more in ransoms that have remained silent. Being insured against cybercrime can make victims more willing to pay ransoms if they are covered by the insurance policy. It is said that hackers who specialize in ransomware actively seek out targets that have insurance.
What were cyber thieves doing before Bitcoin?
There have always been a myriad of ways to launder money, that is, to hide its roots in illegal activities. In the past, ransomware payments were made through money transfers through services like Western Union, prepaid gift cards, transfer of funds to senior bank accounts which are quickly transferred by criminals, even from there. money in sports bags left in designated areas for pickup. .
Can payments made in cryptocurrency be traced?
Yes, at least in the beginning. All Bitcoin transactions, while anonymous, are available to everyone, so someone who follows a particular Bitcoin wallet can observe when the money arrives. But accessing the money inside the wallet requires a private key, essentially a password, and that’s something ransomware groups don’t normally share with anyone outside of their operation.
Have ransomware payments been foiled?
Yes. The United States Federal Bureau of Investigation was successful in recovering 63.7 of the 75 Bitcoins paid by Colonial Pipeline Co, operator of America’s largest gasoline pipeline, in a Russia-linked ransomware operation because it was able to track money as he spent more than a dozen. transactions, and most importantly, came into possession of the private key that the hackers had used. (The 63.7 Bitcoins were worth around $ 2.3 million at the time of the FBI’s action.) In the warrant it issued to seize funds, the FBI did not specify how its agents acquired the private key.
Can we do something else?
The regulations may be coming. In April, the Ransomware Task Force, a public-private partnership created by the Institute for Security and Technology, released an 81-page report with recommendations on how governments can protect themselves against and respond to ransomware attacks. face. The group urged governments to expand Know Your Customer (KYC), Anti-Money Laundering (AML) and Anti-Terrorist Financing (CFT) requirements – which national and international authorities enforce against banks around the world – to crypto exchanges, kiosks (crypto version of ATMs) and over-the-counter trading tables. Calls for a total ban on Bitcoin have been assuaged by the currency’s gradual acceptance by the financial sector.