Subscribe to our newsletter
By registering, you will receive emails about CoinDesk and agree to our terms and situations and our privacy policy.
Subscribe to our newsletter
By registering, you will receive emails about CoinDesk and agree to our terms and situations and our privacy policy.
Use another internet browser for a better experience.
Any organization that is based on computers may be vulnerable to virtual extortion, but the risk is unclear. Marcus Hutchins, an industry expert, takes part.
Amid the developing geopolitical risk of ransomware, cryptocurrencies have a hunting horse: after a series of large-scale exploits, calls have been made to ban or monitor blockchain networks, thinking that bitcoin catalyzes cybercrime.
The dangers of ransomware are real: any organization that is based on PCs can be vulnerable to virtual extortion. The risk is unclear: malware can evolve or be deployed through individuals, state-backed groups, or hacking collectives. And the value is high: Computer hijackings can disrupt critical infrastructure from power grids to watersheds, putting lives and economies at risk.
This article is taken from The Node, CoinDesk’s daily summary of top blockchain stories and crypto news. You can subscribe for the full newsletter here.
Given the amorphous risk presented by ransomware, crypto seems like a concrete vector of action, after all, colonial pipeline pirates were paid in BTC, the same goes for REvil, an organization that has already attacked Apple and paid $70 million in bitcoins for its recent Kaseya exploit. A new crowdfunding site, Ransomwhe. re, seeks to track bitcoin bills in wallets related to ransomware gangs.
But blaming cryptocurrencies for ransomware is a mistake, said Marcus Hutchins, a British computer security researcher with a busy career in the malware industry. In a video titled “Why Destroying Bitcoin Wouldn’t Stop Ransomware,” Hutchins points out that hackers one way, with or without bitcoin.
“In fact, cryptocurrency has made ransomware more available and contributed to its proliferation, however, without it, those types of attacks would have persisted,” he told CoinDesk. When the malware industry first gave the impression in 2012, it was not unusual to settle for US dollars for exploits.
While the recent trend of corporate piracy has been most commonly funded through cryptography (Chainalysis found that crypto bills for ransomware reached $412 million last year), this is not a sufficient explanation for why taking action against a nascent industry.
“We surely have no knowledge about what enterprise ransomware attacks without cryptocurrencies look like. We can only theorize on the basis of techniques beyond, but not on the basis of long-term innovations. Therefore, advocating for a ban on cryptocurrencies to prevent ransomware is naïvely more productive,” he tweeted.
Hutchins is famous on the hacker network for shutting down WannaCry in 2017, at the time of the biggest ransomware attack, which torched thousands of computers worldwide and shut down more than a dozen UK hospitals.
He is also the architect of darknet sites, botnets and malicious scripts. As a teenager, Hutchins began spending time on internet forums, where he fell into the ghost of writing malicious code. He paid well, in recreational drugs and bitcoins. he under the custody of the United States, in a story told in its entirety through Wired.
Since its reform, Hutchins has worked on malware of opposite engineering and offers security tips. He also has a popular blog called Malware Tech. After observing the evolution of the ransomware industry over the past decade, Hutchins insists that the recent rise of ransomware cannot be attributed to crypto.
CoinDesk stuck with him to get out more.
Is there an herbal rate of ransomware attacks that we could be waiting for even if bitcoin/banned cryptography/never existed?
In fact, cryptocurrency has made ransomware more available and contributed to its proliferation, but without it, such attacks would have persisted. Sophisticated cybercrime teams have access to cash laundering netpaintings and can therefore work with the USD. of ransomware without cryptocurrency, because ransomware targeting today’s corporations only gave the impression around 2016, when cryptocurrency was already the norm for payments.
Some have said that bitcoin is a terrible currency to use in criminal operations because each and every transaction is recorded. What happened after the Colonial Pipeline hack is a clever example of this.
As a general rule, bitcoin is preferred as it can facilitate a fast and frictionless automated payment validation infrastructure, but due to its traceable nature, many bands make money in bitcoins and launder in USD.
You have noticed that the ransomware uses the banking system, cash issuers like Western Union, like Liberty Reserve and crypto. Given the extent and history of cybercrime, is the only possible solution for ransomware to track more than all monetary systems?
This is not a solution at all, just a partial mitigation. While gangs must operate with impunity from non-extradition countries, it doesn’t matter how well they can be traced if they can’t be arrested or arrested.
The way hackers are written describes ransomware as an industry that professionalizes, does this correspond to your experience?
Yes, some of those teams have complex organizational structures with departments, administration, and task pipelines.
What would you propose to a company or government that has become infected?
It is to go through an external IR to investigate the scale and scope of the attack.
NTT, a Japanese-generation service provider, found that cryptojackers accounted for 41% of all malware detected in 2020 What do you think of this trend?Is that a valid cause for concern? Is it simply the emerging costs of cryptography?
Cryptojacking is one of the tactics to monetize access to devices with the lowest barrier to entry; as a result, it is available even to the least qualified hackers, widespread. Due to the non-destructive nature of cryptojacking, I think it’s something to deal with, but not a higher priority risk like ransomware.
Subscribe to our newsletter
By registering, you will receive emails about CoinDesk and agree to our terms and situations and our privacy policy.
The leader in news and news about cryptocurrencies, virtual assets and long-term money, CoinDesk is a medium that strives to meet journalistic criteria and adheres to a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.