In 2017, the world saw the rise of ransomware as the names of famous ransomware attacks permeated the news such as Petya, Goldeneye and more.  According to Secplicity, “…malware is at an all-time high, global ransomware damages are predicted to exceed $5 billion, and data records are being stolen by hackers at a rate of more than 5 million a day.”

Cryptocurrency continues to rise in 2018

Many security experts are pointing to the increasing amount of breaches that either demand cryptocurrency to terminate ransomware attack, or the use of cryptocurrency itself as a mode of attack.

There are over 1500 types of cryptocurrency powered by Blockchain encryption technology – from the most popular Bitcoin, to Ethereum and Litecoin – all worth billions and ripe for the “pickings.”  According to CNET, the bitcoin has become the preferred payment of ransomware, and it has been reported that 99% of all illegal activities online are using cryptocurrency.

CNET also finds that there are viruses that can turn computers into slave machines mining for cryptocurrency, as they did in the recent ZeroAccess attack. There are reports of hackers disguising malware as cryptocurrency apps, tricking folks into investing into the currency.

Cybercriminals are attracted to cryptocurrency because it allows perpetrators to operate anonymously, reports Dark Reading.  For instance, Bitcoin provides a cloak of obscurity when payments are received or cashed out.  Also, Bitcoin accounts and transfers are difficult to trace.  For hackers who want to operate on targets outside their own country, Bitcoin can be used as a global currency without the inconvenience of exchange rates.

In the past, cybercriminals used to rely on gift cards for payment – but those are not always the best solution, according to Dark Reading, since gift cards cannot be used globally.  This has caused cryptocurrency to become the weapon of choice.  An example of this occurred when Ashley Madison, the “adulterers’ website,” was breached and criminals threatened Ashley Madison users with a bitcoin ransom to keep from having their identities revealed.

What can be done to stem the tide of cryptocurrency illegal activity?

Dark Reading reports that experts are able to track bitcoin wallet addresses as an Initial Coin Offering, or ICO. This has enabled researchers to connect the dots between ransomware, wallet addresses and share infrastructure and attribution, writes Dark Reading.

Dark Reading shared this example: A new piece of ransomware gives you a bitcoin address for payment. You can then make correlations that connect across sectors, like retail, energy, or technology groups based on the blockchain and/or reuse of the same address. The more bitcoin addresses are shared, the more you can identify addresses to which bitcoins are forwarded.”

In addition, the ability to track transactions through the blockchain has allowed authorities to connect different ransomware campaigns. While cybercriminals don’t usually share bitcoin wallets as they might share the same exploit kit, by tracking blockchain transactions, analysts have another investigative tool to use in the fight against the illegal use of cryptocurrency.

That said, crooks are doing their best to try and avoid capture by converting Bitcoin to other types of open-source cryptocurrency such as Monero, Dash, and Zcash.

Finder.com writes, “Unfortunately, bitcoin isn’t the peak of criminality, and it’s exceptionally easy to track. Its widespread infrastructure and ease of use mean it’s still the crook’s coin of choice, but Monero, Dash and Zcash are all making rapid gains.”

Private citizens take heed: A sound strategy for keeping crypto-currency wallets safe would be to never keep crypto accounts in an Exchange that can be hacked, and instead use an offline method of storage such as hardware or paper wallets. Also, phone apps are one of the worst places to keep a wallet – as phones can easily be stolen and hacked.

 

Organizations must ensure their data is properly protected. Ransomware and other cyber threats are very real and happening with rapidly increasing frequency all over the globe. For more information on protecting your network, contact DiamondIT at 877-716-8324.