BLOG: What role do cryptocurrencies play in ransomware?

Ransomware has gradually become a prevalent cybercrime. Cryptocurrency and ransomware have seemingly had a long history together. The correlation between the two is that close that many have blamed cryptocurrency for the astonishing growth in ransomware attacks.

A cryptocurrency is a digital or virtual currency that employs cryptography as an anti-counterfeiting measure. They are not issued by a central authority, are not subject to government manipulation and do not represent debts. The first ‘popular’ cryptocurrency known is bitcoin. Bitcoin was created in 2009 by “Satoshi Nakamoto”, it is not known if Satoshi Nakamoto is an individual or a group of people. According to Satoshi Nakamoto, their aim was not to invent cryptocurrency but to create a digital cash system that allowed transactions to be validated without the requirements for a central entity and ensuring that transactions would be anonymous. After this creation came a long list of other cryptocurrencies.

Bitcoin enabled the ability for fast, global, secure and anonymous transactions to occur. Before the utilisation of cryptocurrency, ransom demands requiring money were a lot more dangerous. Creating a bitcoin wallet is not an extensive process either, it can take only a mere number of minutes alongside this a bitcoin wallet or the transactions can be easily connected to a real-world identity. The process of associating a bitcoin wallet to an individual would require the individual converting the bitcoin into fiat currency, and then transferring it into a bank account which is the part that cybercriminals can get traced through. However, many cybercriminals can get around this by converting the bitcoin into some other digital currency.

The majority of the ransoms paid during are generally in cryptocurrency and many organisations have taken extraordinary approaches by stockpiling Bitcoin in expectation of future ransomware attacks. The growth of ransomware would have been put to a halt if not for the uses of cryptocurrencies, its anonymity and ease of use has made it easier for online criminal activity to prosper. Because of that, and also in response to several recent high-profile ransomware attacks, some have called for cryptocurrency to be regulated more closely. Governments are not able to do a substantial amount about cryptocurrency as most people cannot comprehend the depths of cryptocurrency.

The value of cryptocurrency during a ransomware attack is the transparency of cryptocurrency exchanges. A hacker can simply watch the public blockchain to see if victims have paid up, and can automate the process of giving a victim their files back once this payment has been received. The correlation between cryptocurrency and ransomware is unlikely to be broken anytime soon. To read more about cryptocurrency and the role it plays in ransomware, click here to read our handbook.