Ransomware and The Role of Cryptocurrency

Ransomware and The Role of Cryptocurrency

The explosion of ransomware as a lucrative criminal enterprise has been closely tied to the rise of Bitcoin and other cryptocurrencies, which use distributed ledgers, such as blockchain, to track transactions. The use of cryptocurrency adds to the challenge of identifying ransomware criminals, as payments with these currencies are difficult to attribute to any individual. Often the money does not flow straight from ransomware victim to criminal; it travels through a multi-step process involving different financial entities, many of which are novel and are not yet part of standardized, regulated financial payments markets.

Ransomware criminals typically demand that victims send their ransom payments via Bitcoin, but after receiving the payment the criminals typically obfuscate these funds as quickly as possible to avoid detection and tracking. Their methods include “chainhopping,” which involves exchanging funds in one cryptocurrency for another cryptocurrency using any of a variety of cryptocurrency exchanges. The funds can be extremely difficult to trace after they have been exchanged, and to further shield themselves, ransomware actors may use money-mule service providers to set up accounts, or use accounts with false or stolen credentials.

Ransomware criminals can also obscure their transactions through cryptocurrency “mixing services,” which muddy the public ledger by mixing in legitimate traffic with illicit ransomware funds. Some groups will also demand payments in currencies known as “privacy coins,” such as Monero, that are designed for privacy and make payments untraceable. However, privacy coins have not been adopted as widely as might be expected because they are not as liquid as Bitcoin and other cryptocurrencies, and due in part to regulation, this payment method may become increasingly impractical.

Cryptocurrencies add to the challenge of ransomware because they are considered to be “borderless.” The cryptocurrency community is expressly focused on building a set of technologies
designed to reduce compliance and financial process costs. After obfuscating the extorted funds, ransomware criminals may either withdraw the funds into hard cash, or because cryptocurrencies have become increasingly common (and their value has been steadily rising), they may keep their profits in cryptocurrency and use them to pay for other illicit activities.
While cryptocurrencies are difficult to trace, blockchain analysis can help interpret public blockchain ledgers and, with the proper tools, government agencies, cryptocurrency businesses, and financial institutions can understand which real-world entities transact with each other. Blockchain analytic companies are able to show that a given transaction took place between two different cryptocurrency exchanges, for example, or between a cryptocurrency exchange and an illicit entity, such as a sanctioned individual or organization. With blockchain analysis tools and Know Your Customer information, law enforcement can gain transparency into blockchain activity in ways that are notpossible in traditional finance.

Ransomware and The Role of Cryptocurrency

Ransomware and The Role of Cryptocurrency

Understanding Ransomware | Defending Against Ransomware

Understanding Ransomware and Defending Against Ransomware

How does ARP work? | ARP Commands

How does ARP work?, ARP Command

Kaseya Cyber Attack | Kaseya Ransomware Attack

About 200 US businesses have been hit by ransomware attack, according to a cyber-security firm.

Suggested Cyber Resilience Activity Plan

Suggested Cyber Resilience Activity Plan

Types of Cyber Security Threats

Types of Cyber Security Threats: Ransomware, Malware, Social engineering, Phishing

Guideline for setting secure Password

Guideline for setting secure Password. Choosing the right password

Reasons for Cyber Crime | Cyber Crime Security

There are many reasons which act as a catalyst in the growth of cyber crime.

Cyber Security Structure Attacks | Unstructured Attacks

The cyber attacks can also be classified as structure attacks and unstructured attacks based on the level of maturity of the attacker

Classification of Cyber Crimes | Cyber Attacks

The cyber criminal could be internal or external to the organization facing the cyber attack