The ransomware criminal business is thriving whether it’s Bad Rabbit, Ryuk, Locky or any other of the various data-encrypting malware. Cybercriminals have been smiling all the way to the bank in the past few months, recording thousands of dollars gained from infected victims who obliviously feel into the criminals’ traps.
Currently, cyber experts have sent a warning regarding the state of ransomware economy. The industry will continue to grow as hackers become more sophisticated in their operations and range.
Even as 2020 begins to take shape, players in government and healthcare industry had seen a 20% increase in ransomware attacks in the second month of 2019. The reality that the attacks will keep coming is here to stay.
At this point, you are probably wondering what is the place of cryptocurrencies in all these cases?
Before we dive right into the subject, let’s touch on a little history to understand where bitcoin and other cryptocurrencies became integrated into the ransomware criminal industry.
A History of Extortion
As far as we can all remember, online extortion was already a thing even before the creation of Bitcoin. We can recall how cybercriminals even went further to employ postal services in receiving payments for scams schemed around viruses.
Back then, a significant number of such viruses operated in a similar fashion to the ransomware tools of today. While many hackers made a killing at the time, today’s ransomware attacks have turned out to be more lucrative than the historical forms of extortion.
This aspect stems from the fact that law enforcement agencies would have a field day in nabbing the cybercriminals as soon as they showed up to pick payments. Further, the local authorities had a firm grip on postal routes monitoring mailboxes and arresting criminals whenever they picked goods.
This failure led cybercriminals to turn to online payment systems, including money transfer services like PayPal and Western Union, to get paid by victims of malicious software. It would later turn out that this alternative was still a bad idea since payment platforms were still linked to bank accounts that would be traced to actual people.
It is at this point that Bitcoin became adopted as the preferred mode of payment as cryptocurrency appealed to cybercriminals for its promise of anonymity.
The Role of Crypto in Ransomware Attacks
Today, cybercriminals demand ransom in form of Bitcoin – an option that offers a secure system of exchange that can move past the watchful eye of law enforcement agencies.
It can be inferred that as Bitcoin’s popularity rose in the recent years, a significant surge in ransomware attacks has been witnessed along its side. This observation leads us to wonder whether the growth of crypto and ransomware demonstrate a symbiotic relationship.
Otherwise, before we find out why Bitcoin became popular among ransomware criminals, let’s understand how a crypto-enabled ransomware attack looks like.
Any ransomware attack constitutes three components, and these elements remain true regardless of the nature of a target – whether it’s young John Doe down the street, your loved one or a blue chip organization:
- Hackers gain unauthorized access to your device with express permission to alter the sensitive data your computer holds.
- Hackers install malware on the device with the intention of encrypting the files therein – they employ sophisticated cryptographic techniques and hold a key that gives them full control over your data.
- Hackers demand to be paid in Bitcoin, in exchange for the key.
Looking at the above scenario which as mentioned already has become a classic case in any ransomware attack, we realize that unauthorized computer access is the root problem. Cryptography and crypto become its enabler.
Why Bitcoin Is a Darling to Ransomware Criminals
Apart from the transactional anonymity that Bitcoin promises, criminals love crypto for the fact that it enables the immediate transfer of extorted monies to their possession.
In fact, looking at other options in financial cybercrime, including some of the most dangerous data-stealing banking Trojans, it is only Bitcoin (and other cryptocurrencies) that can offer this kind of advantage.
This aspect presents itself in the sense that Trojan cases are traceable since law enforcement agents can establish a trail on the involved stolen identities and actual perpetrators that constitute such attacks.
Importantly, ransomware criminals benefit from the flexibility that characterizes crypto payment transactions. This attribute is more preferred to traditional payment systems where individual login and financial credentials are required.
In this sense, if a hacker harvests enough funds from a specific campaign or catch wind that the cops are on their trail they can simply move with their business to a different location.