For many, the attraction of cryptocurrency lies partly in the fact that it is anonymous and decentralized. Ownership is determined by a series of peer-to-peer public transactions recorded in the blockchain transparently but without any details of an owner’s personal identity.
The lack of centralized regulation or supervision, coupled with the anonymity of crypto transactions make it a popular form of currency among cybercriminals in general and ransomware gangs in particular. In fact, one cybersecurity expert sees a direct correlation between the rise of cryptocurrency and an escalation in ransomware attacks.
In a recent interview, FireEye CEO Kevin Mandia said the popularity of crypto closely tracks with a rise in ransomware attacks. “When you look at the rise of ransomware, it absolutely aligns with the rise of anonymous digital currencies,” Mandia said. “It’s no question it’s an enabler that you can break in anonymously and be paid anonymously, and now you can commit crime from 10,000 miles away in a safe harbor.”
Cybersecurity analysts and federal law enforcement agree that the payment of ransomware, which most frequently requires payment via Bitcoin, creates an incentive for more attacks and doesn’t always restore access to encrypted data. If criminal gangs come to expect large payouts, there is very little to discourage them from striking other targets.
But that hasn’t stopped companies from giving in to ransom demands in the face of costly shutdowns, or in the case of the recent attack on Colonial Pipeline, fuel shortages and soaring gas prices. Shortly after news broke that the pipeline had been attacked, it was reported that the company paid $4.4 million in ransom.
Turning the Tables
In a strange twist, government investigators were able to recover a substantial portion of the ransom paid by Colonial Pipeline. A newly created Department of Justice digital extortion task force managed to track the ransom payment to a specific crypto wallet used by the attackers, for which they possessed the private key.
“Following the money remains one of the most basic, yet powerful, tools we have,” said Deputy Attorney General Lisa Monaco during an announcement of the ransom recovery. “Ransom payments are the fuel that propels the digital extortion engine, and today’s announcement demonstrates that the United States will use all available tools to make these attacks more costly and less profitable for criminal enterprises.”
Effective Ransomware Strategy
General agreement exists among cybersecurity analysts and law enforcement officials that ransomware attacks have reached critical levels and that they pose grave threats not only to the business community and critical infrastructure, but to national security as well. Many of the most notorious cybercrime gangs, including the group DarkSide that is believed to have perpetrated the Colonial Pipeline attack, are linked to foreign states.
As law enforcement refines its tools to mitigate ransomware threats and successfully investigate attacks when they occur, organizations also need to make sure they’re doing all they can to prevent unauthorized access to company or consumer data. SecureData has helped corporations, small and medium enterprises and government agencies create layered data security solutions for more than a decade.
SecureData specializes in comprehensive strategies to protect backup systems with offline encrypted storage and remote management of portable SecureDrive and SecureUSB storage devices. Our SecureGuard port-blocking technology also hardens endpoint network security by strictly controlling which USB storage devices are permitted to access Windows-powered computers on your company network.
Ransomware prevention requires a clear and tested strategy. Call us at 800-520-1677 to speak to one of our data security experts about how we can help you stay protected.