Many crimes can be solved by following the money, and that may hold true for the growth of ransomware attacks – though the money itself may be different.
Countering the increasing use of ransomware – malware that attacks computers and networks and encrypts files, which criminals then demand payment in order to decrypt – may require action against hard-to-trace cryptocurrencies like bitcoin that are often used to pay the criminals behind the attacks, according to David S. Kris, former assistant attorney general at the US Department of Justice’s national-security division.
“I think the way to attack this – and I think the way you’re probably going to see some legal change over the next few years – is on the other end, with respect to the payments,” Kris said during the question-and-answer session of a Center for Strategic and International Studies panel event.
“And as I understand it – again, without having studied it too extensively – is that, you know, fintech is what is enabling this, cryptocurrency,” Kris added.
Reports of ransomware use have increased considerably in recent months.
“In the last six to 12 months, this has just gone so aggressively to the business environment,” Marcin Kleczynski, CEO of cybersecurity company Malwarebytes, told Business Insider in August. “We see companies from 25 people all the way to 250,000 people getting hit with ransomware.”
Tech firm Kaspersky Lab said this summer that the number of victims attacked was growing at an alarming rate – up from 131,000 in 2014-2015 to 718,000 in 2015-2016, according to AFP. Some researchers have seen a 3,500% increase in the web infrastructure needed to run ransomware campaigns.
According to Kleczynski, some banks have begun stockpiling bitcoin – which currently trades about about $600 to one – in case of a ransomware attack. “I talked to a couple of banks, and they say they have 50-100 bitcoin ready at all times in a wallet to deploy if a ransomware attack hits,” he told Business Insider’s James Cook.
A report this summer found that hackers employing ransomware could pull in as much as $7,500 a month. And while individual victims are usually only hit with demands for a few hundred dollars, the likelihood that they will pay has made ransomware an appealing venture for hackers.
And financial-services firms and individual people aren’t the only potential targets.
A NASCAR team admitted to paying hackers after its computers where hit with a ransomware attack.In August, security researchers demonstrated a ransomware attack on a smart thermostat, raising the possibility that Internet of Things devices will come into the crosshairs.
- © AFP/File Philippe Lopez
The appeal of ransomware has no doubt been burnished by cryptocurrencies like bitcoin coming into the mainstream.
“I personally would not be surprised to see over the next few years increasing regulation that maybe makes it more challenging for these kinds of anonymous, substantially untraceable – I don’t want to say it’s completely untraceable – payments to be made,” Kris said during the CSIS event.
“I think probably where you’re going to see legal change is in the area of the payment scheme. That may be wrong, but that’s sort of what I expect.”
However authorities choose to counter the use of ransomware, it’s unlikely the threat will go away any time soon.
“The extortion model is here to stay,” a Kaspersky Lab expert said in a statement about rising ransomware attacks on Android users.