Bad actors rarely sleep. Whether their threats are in person, such as violent terrorist acts, or to our infrastructure, such as shutting down the Colonial Pipeline, an increasingly concerning trend is the use of crypto ransomware to demand payments or to accept contributions in often untraceable cryptocurrencies and assets.
Cryptocurrency has driven advancements in the finance industry and spurred new markets, influencing companies and individuals with innovative ways to meet global economic needs.
Still, even though a notable majority of crypto transactions are executed for legitimate purposes, cryptocurrencies have attracted cybercriminals and bad actors keen to leverage their pseudonymous nature to enable transactions outside of traditional financial systems.
Crypto-Ransomware at Large
Crypto-ransomware payments skyrocketed to $406.3M in 2020, a 337% increase from 2019, according to reports. And as of May 2021, at least $81M has been taken from various companies and industries.
Many enterprises have paid many millions of dollars in ransom – but cybersecurity firms say these are often kept from public knowledge, meaning the real figure is probably much higher.
FBI Director Christopher Wray, in an interview, stated, “In general, we would discourage paying the ransom because it encourages more of these attacks, and frankly, there is no guarantee whatsoever that you are going to get your data back.”
Still, companies that suffer crypto-ransomware attacks often end up paying. Even then, there remains a high chance that the threat actor can still decide to not return stolen data or release their locked systems after the payment goes through. However, some companies become desperate enough to fold under the threat.
Insurance against cybercrime also makes victims more willing to pay ransom, as the ransom is often covered by the company’s insurance policy. Because of this, ransomware hackers actively seek out insured targets, and with the rise of Ransomware as a Service (RaaS), the barrier to entry is lower than ever.
Hope on the Horizon
Fortunately, there have been notable successes in identifying and shutting down terrorist donor networks, scammers and ransom cells.
- Europol and its law enforcement partners disrupted an organized cyber crime network behind a slew of ransomware attacks since 2019, which affected 1,800 victims across 71 countries, including Norwegian industrial company Norsk Hydro.
- BlackMatter, a ransomware operation that succeeded DarkSide, is also allegedly shutting down, citing “pressure from the authorities” as the main reason.
- The US and Russia have also started collaborating more closely to crack down on Russian cybercriminal organizations, according to a New York Times report.
Moreover, US Deputy Attorney General Lisa Monaco unveiled the Justice Department’s new enforcement initiatives in August 2021. These initiatives will enforce crypto-ransomware sanctions and target government contractors and cryptocurrencies that fail to report breaches.
The launch of the National Cryptocurrency Enforcement Team and a civil cyber fraud initiative will enable the federal government to disable financial markets that fund cybercriminals, and pursue companies who “fail to follow recommended cybersecurity standards.”
According to reports, 2021 has so far seen 32 incidents of hacks and fraud, for a total value of $2.99 billion. The US federal government has successfully seized Bitcoins and other cryptocurrencies across these cybercrimes, and has enlisted the help of Anchorage Digital, a safekeeping cryptocurrency platform, to store and liquidate digital assets that federal law enforcement seizes following criminal investigations.
How AnChain Helps the Crypto-Ransomware Fight
AnChain has the world’s leading database on crypto and smart contract transactions. In summary:
- Deepest: Industry’s largest database: 200 million address labels and counting, powered by machine learning.
- Fastest: Real-time API returns calls in under a second.
- Smartest: Patented auto-tracing AI-based technology.
- Broadest: UTXO and Smart Contract tracing.
AnChain has taken its part in the crypto-ransomware and anti-money laundering initiatives of the government, as well. AnChain’s sophisticated AI-based analytical engine can be accessed through a user-friendly, web-based application called Compliance Investigation Security Operations (CISO). High-speed, computer-to-computer access for big data mining is offered through our Blockchain Ecosystem Intelligence (BEI) API.
A recent Trend Micro report reveals the banking industry experienced a 1,318% year-on-year increase in ransomware attacks during the first half of 2021. On top of that, cryptocurrency miners have also become the most detected malware, now upstaging web shells and other famous ransomware like WannaCry.
These crypto-ransomware attacks, however, can be easily detected, prevented, and properly responded to with the help of BEI. Capturing crypto-ransomware criminals is expedited by our CISO’s AI-powered forensics.
A Necessary Partnership
With AnChain’s blockchain analytics capabilities, law enforcement can continue to crack down on crypto-ransomware related activities. Not only do they have the means to investigate attacks post-mortem, they can now help actively prevent illicit transactions before they even happen. In a world where such advanced threats to the nation’s security and stability are rampant, this is indeed a necessary partnership.