Ransomware incidents are escalating and are partly driven by the diffusion of cryptocurrencies. Without cryptocurrency, such attacks are less desirable as other forms of payment are traceable. The first half of 2020 witnessed a rise of 60% in average ransom payments, with bitcoin used for most payments.

The role of cryptocurrency

Cryptocurrencies are an extortionist’s dream come true. It is very difficult to trace adversaries based on bitcoin addresses. Moreover, bitcoin has become essential on the dark web as it is easy to acquire and use. Other cryptocurrencies, such as Monero, Dash, and Z-Cash, provide extra privacy features. As per World Economic Forum (WEF), 10% of global GDP will be stored on blockchain by 2027.

Cryptocurrencies such as the hypothetical DDoSCoin can enable hackers to conduct DDoS attacks and broaden cryptocurrency-fueled attacks that go beyond the scope of conventional ransomware. The concept of decentralized finance or DeFi is damaging too as smart contracts can be abused.

Recent ransom demands

  • Colonial Pipeline paid a whopping sum of almost $5 million in bitcoin to the DarkSide ransomware gang. Later $2.3 million was recovered. 
  • JBS paid a ransom of $11 million in bitcoin in response to the debilitating attack against its operations. The initial ransom demand by REvil operators was $22 million.

Propensity to pay ransom

Ransomware actors threaten their victims of permanently locking their files or leaking them on the dark web if the ransom is not paid. Lately, the trend of double and triple extortion has gained quite a bit of traction. This becomes an awful problem for organizations without any data backup. Moreover, if a victim faces severe consequences, it drives the others to pay the ransom to avoid such implications.

In addition to this, some organizations with data retrieval plans still go forward and pay the ransom as the leakage of sensitive data has major repercussions on the reputation of companies.

A ray of hope

  • White House officials stated that they were pushing to better trace ransom payments.
  • The Ransomware Task Force—an international alliance of government officials, law enforcement, and private sector technologists—issued an extensive report. This would guide businesses to deal with the ever-growing threat of ransomware.
  • The GCHQ warned that ransomware has taken the title of the biggest threat to British people and businesses. The G7 explicitly stated for no country to act as a safe harbor for ransomware actors.

The bottom line

Ransomware cannot succeed without cryptocurrency. The pseudonymity provided by cryptocurrencies has made the jobs of threat actors easier. Organizations need to know the warning signs, not pay a ransom, and implement backups and security monitoring. Moreover, organizations are required to analyze their network vulnerabilities and educate customers and employees about cybercrimes.

Cyware Publisher