Despite all the skepticism, cryptocurrency adoption has steadily risen over the years. The number of people using crypto as a payment method or for other purposes is expected to surpass 300 million in 2024, significantly higher than the current number of users. It appears all the doubts and mockery have not stopped cryptocurrencies from gaining new adopters.
This may give crypto fans a boost, but it is not meant to hide the unflattering details that skeptics assail, especially when it comes to the risks and threats. Downplaying the dangers is counterproductive and unhelpful towards meaningful crypto adoption. The growing number of ransomware attacks, in particular, is an important point to discuss substantively.
Aside from preparing for the possibility of crypto theft and price crashes, crypto users should also watch out for ransomware attacks. The link between the two may be obscure, but it is worth exploring, especially for those who are new to the world of cryptocurrency.
Digital currency that affords some degree of anonymity has been the preferred currency of cyber criminals. Several high-profile attacks have involved ransom demands in Bitcoin or other cryptocurrencies. In a 2021 attack, for example, major meat supplier JBS reportedly paid a ransom in Bitcoin worth $11 million. The Colonial Pipeline attack in 2022 forced the American oil pipeline system company to shell out $5 million. Most ransomware attacks have resulted in ransom payments.
A survey of companies affected by ransomware attacks reveals that an overwhelming majority of them decide to pay the ransom just to recover their hostage files and restore normal operations as soon as possible. For many, it costs less to pay the ransom than to go through the lengthy process of cracking the ransomware decryption code to recover files and go after the perpetrators. This is unfortunate and at odds with industry and government policy on ransom payment.
One significant factor in the prevalence of ransom payments is cryptocurrency, which has many features that make it a suitable option for illicit activities. For one, it affords some degree of anonymity. While the use of cryptocurrency does not guarantee that a person can transact fully anonymously, especially without using tumblers or mixers, it is considerably more difficult to hold fund recipients to account when they use these digital currencies. Private and government organizations would have to allocate significant resources in the effort to trace the identities of crypto accounts that receive the ransom.
Another crucial feature of crypto that makes it a preferred ransom option is its decentralization and lack of pervasive regulation. Because there is no central bank or other regulator overseeing it, there are no limits on the amount and frequency of funds cybercriminals can demand. With regular banking, transactions have amount ceilings, and government regulators are alerted whenever transactions involving hundreds of thousands of dollars are initiated. Also, minimal regulatory oversight means faster transactions.
Additionally, cryptocurrency is one of the best ways for fast and easy cross-border payments. Ransomware attack perpetrators expand their targets by using payment methods that do not need to go through numerous procedures to have funds transferred abroad.
Understanding Crypto in the Context of Ransomware
The point here is that cryptocurrency can become a tool for threat actors. Users need to know how they can avoid becoming part of a system that enables cybercrime and other harmful activities. It is welcome news that more people are embracing crypto, but advocates and enthusiasts should not stop at attracting more users. It is also important to educate everyone about the risks and abuses.
Ransomware is a good starting point in discussing the not-so-palatable side of crypto. To this day, many continue to associate cryptocurrency with illegitimate and felonious activities because of reports of companies falling victim to ransomware and paying the ransom with Bitcoin or other digital currencies. The criminal use of cryptocurrency is growing, and some may not realize that they are playing a role in this proliferation.
When organizations or individuals give in to the demands of ransomware perpetrators, they are furthering the viability of ransomware attacks. They are implying to attackers that crypto adoption is growing and many are willing to continue paying ransom demands with their crypto assets.
Resisting and Fighting Ransomware
To be clear, there is nothing about cryptocurrency that can be directly used to fend off ransomware attacks. There is no mechanism like the “marked money” system used to trace criminals who demand cash ransom from their victims. It is also impossible to configure crypto wallets to reverse a fund transfer transaction after the ransomware-affected files have already been restored.
However, organizations as well as individual users of cryptocurrencies can take note of the following tips on how to avoid ransomware problems and ensure the security of their crypto assets.
- Keep the mindset of never paying ransom demands. This may not sound logical to organizations that urgently need to recover their files and restore operations, but it is advisable to think this way to focus on preventative actions. After all, many ransomware perpetrators cannot guarantee the immediate restoration of files. Take the case of the Colonial Pipeline attack: the company paid ransom only to have their files decrypted at a painfully slow pace.
- As mentioned, prevention should be a priority. To avoid having to expend crypto assets due to a ransomware problem, it is important to fortify defenses against cyber threats and eradicate or minimize vulnerabilities in the IT infrastructure. As the cliché goes, prevention is better than cure.
- One of the most important preventive actions organizations should take is to have a reliable continuous data backup system. Having this can, in a way, nullify ransomware attacks. Instead of paying the ransom to decrypt the encrypted data, the organization can immediately proceed to restore data from the backup system. It can still cause inconveniences and a bit of disruption in operations, but it is better than relying on the attacker’s expensive but unsure decryption system.
- Additionally, organizations that accommodate crypto payments through websites or apps (or those that maintain interfaces for their customers in general) should also sanitize and secure their UIs. These can contain vulnerabilities that may enable threat actors to exfiltrate data, execute malicious code, or perform other harmful actions. These can create opportunities for malware infection and other attacks.
- Moreover, it is advisable to be part of a cybersecurity intelligence framework like MITRE ATT&CK to share information about an attack and help grow the global cybersecurity community’s knowledge base and response mechanisms.
In summary, ransomware has some affinity to cryptocurrency because most ransomware perpetrators tend to demand ransom in bitcoins and other crypto assets. It is not a stretch to say that getting acquainted with ransomware offers a useful perspective on secure cryptocurrency use and IT security in general. In particular, crypto users should learn to resist using their digital assets to yield to cybercriminals’ demands. Crypto ownership should come with cybersecurity awareness and the adoption of best practices in fending off the threats of possible direct crypto theft as well as extortion and ransom demands.