Amid the growing geopolitical threat of ransomware, crypto has become a stalking horse. Following a slew of high-profile exploits, there have been calls to ban or surveil blockchain networks, with the thinking that bitcoin catalyzes cybercrime (see link).
The risks of ransomware are real: any organization that relies on computers may be vulnerable to digital extortion and the threat isn’t always clear: malware can be developed or deployed by individuals, state-backed groups or hacking collectives, and the price is high and ever growing upwards: computer hijackings can disrupt critical infrastructure from the electricity grids to watersheds, endangering lives and economies.
Considering the amorphous threat that ransomware presents, crypto seems like a vector for concrete action. After all, the Colonial Pipeline hackers were paid in BTC. So was REvil, a group that once attacked Apple, which was paid $70 million in bitcoin for its recent Kaseya exploit. A new crowdfunding site, Ransomwhe.re, looks to track bitcoin payments to wallets associated with ransomware gangs.
But blaming crypto for the rise in ransomware is a mistake, ultimately, hackers will find a way with or without bitcoin. Cryptocurrency has certainly made ransomware more accessible and contributed to its proliferation, but without it these kinds of attacks would have persisted. When the malware industry first emerged in 2012, it was the norm to accept U.S. dollars for exploits.
While the recent trend of corporate hacks has primarily been funded through crypto – Chainalysis (a crypto analytics firm) found crypto payments to ransomware spiked to $412 million last year – that’s not reason enough to take action against a nascent industry. For one thing, we have absolutely no data on what corporate ransomware attacks might look like without cryptocurrency.
Ransomware attacks have been on the rise for a while, but some recent, very high-profile incidents are bringing this type of cyberattack to the forefront of mainstream awareness. Bitcoin is one of the key technologies that’s helping aid the current rise. So naturally, a number of individuals have called for banning the cryptocurrency (or all cryptocurrencies) to mitigate these attacks. Banning crypto won’t work. But there are steps that the industry can take to try and limit the spread of ransomware attacks.