Are Ransomware and Cryptocurrency Inextricably Linked?

Is cryptocurrency the fuel behind the massive surge in ransomware attacks over recent years? The question of whether ransomware and cryptocurrency are linked is more complicated than it may seem. While many hackers make use of cryptocurrency for raking in ransomware payments, there are more factors at play than many realize. In fact, certain features of cryptocurrency may just be the key to toppling today’s ransomware empires.

The Link Between Cryptocurrency and Cyber Crime

The annual number of reported ransomware attacks rose 92.7% from 2020 to 2021. Victims range from everyday people to some of the biggest companies in the world. The rate of ransomware attacks has been on a meteoric rise over the past decade, particularly since the onset of the COVID-19 pandemic in 2020.

Amidst this unsettling increase in ransomware attacks, many people are putting the blame on cryptocurrency. The argument is tied to the fact that the vast majority of ransomware attacks today demand payment in cryptocurrency, typically Bitcoin. Since cryptocurrencies are exchanged anonymously, it is easy for hackers to steal large sums of money without fear of ever being tied to the crime.

Is Crypto Really Responsible for Ransomware?

The short answer is yes – cryptocurrency and ransomware are linked. However, it may not be entirely accurate to say that cryptocurrency is solely responsible for recent surges in ransomware activity. One could equally argue that the internet is dangerous because that’s how hackers transmit their malware.

Few would consider the entire internet itself dangerous or malicious, though. Even if some extreme action was taken to stop ransomware by shutting off the internet, hackers would adapt and find new ways to commit crimes. For example, malicious USB thumb drives are already being used to deliver ransomware to computers, even offline.

The same reality applies to cryptocurrency. Crypto is an enabler of cybercrime, not the catalyst. Even if cryptocurrencies were banned entirely, ransomware would evolve and live on.

Additionally, it is worth remembering that ransomware is not a new issue. The first known ransomware attack occurred in 1989, 20 years before Bitcoin was released in 2009. Clearly, ransomware was a problem long before cryptocurrency came along. Hackers would use other methods for payment, such as checks, money orders, wire transfers, and even gift cards.

Other Factors to Consider

Cryptocurrency may be the favorite payment method for ransomware attackers, but it is not the only factor contributing to the rise in ransomware incidents. For example, when the COVID-19 pandemic started in 2020, millions of people switched to remote work at once with little warning, which was closely linked to a rise in phishing and malware attacks.

Interest in cryptocurrency has increased over the years, but millions of people didn’t suddenly start using it when the pandemic started. This rise in cybercrime in 2020 can largely be attributed to a rapid shift to online operations around the clock, when many people had little knowledge of cyber hygiene or cybersecurity tools.

Practices like backing up data in multiple places with the 3-2-1 backup rule and using multi-factor authentication on passwords are now better known due to increases in phishing and ransomware during the height of the COVID-19 pandemic. However, early on, hackers took advantage of weak passwords, unwary victims, and droves of remote workers with little to no cybersecurity at home.

In addition to droves of easy targets, the rise in ransomware over recent years can also be linked to the emergence of ransomware-as-a-service, or RaaS. This trend is a booming business in cybercrime circles. In the RaaS model, skilled hackers develop ransomware programs that they license out to other hackers, often amateurs, to use in their own attacks. The ransomware developer is usually paid with a cut of the profits.

The rise of RaaS has allowed a large population of minimally skilled cybercriminals to launch sophisticated ransomware attacks. As a result, there are more hackers out there today than in previous years. With more active cyber criminals and more potential victims online, rates of ransomware incidents will go up. Cryptocurrency makes it easier for these criminals to operate, but they would exist even without crypto, as they did in the past.

Can the Link Between Crypto and Ransomware Be Broken?

Ironically, the fact that cyber criminals favor cryptocurrency so much could potentially be used to catch hackers and recover ransomware payments for victims.

Cryptocurrencies live on blockchains, huge public ledgers that record every transaction people make using the cryptocurrency, such as Bitcoin or Ethereum. Transactions on the blockchain are anonymous – users’ names and account information are hidden. This feature helps protect the privacy of users, including law-abiding citizens who benefit from the added security of anonymity.

Using the Blockchain as a Defense

However, the blockchain also has some features that can be used against cyber criminals. For example, blockchain ledgers are viewable by everyone using the ledger and transactions are verified by huge networks of computers tied into the network. Effectively, it is virtually impossible to completely destroy a blockchain ledger. Additionally, data recorded in the ledger cannot be altered, manipulated, or edited by anyone once it is in the ledger.

As a result, cybercriminals may be able to go anonymous in the blockchain, but they can’t falsify their transactions. The public nature of blockchain makes it possible for others to take notice of suspicious transactions. In fact, the ability to trace transactions in blockchain ledgers allowed law enforcement officials to recover some of the $4.4 million Bitcoin ransomware payment from the Colonial Pipeline attack in 2021.

Exchange Regulations

Strategic innovations in blockchain technology could allow law enforcement officials to more easily recover ransomware payments and even catch cybercriminals. Additionally, some nations are using stricter regulations for cryptocurrency exchanges to make it more difficult for ransomware attackers to use cryptocurrencies.

Among the most famous of these crackdowns is the British Financial Conduct Authority’s banning of the Binance crypto exchange in 2021. The FCA banned Binance from offering any regulated services in the U.K., effectively crippling British operations for the world’s most popular crypto exchange. The ban is part of a growing effort around the world to enforce greater oversight and regulation for cryptocurrencies, in an effort to protect law-abiding citizens from the cyber criminals who are exploiting cryptocurrencies.

Separating Cryptocurrency and Ransomware

Ransomware and cryptocurrency are linked, but cryptocurrency can’t be solely blamed for the rise in ransomware incidents over recent years. There are many factors contributing to the proliferation of ransomware and cybercrime.

Stronger regulations on cryptocurrency exchanges as well as greater innovation in blockchain technology could allow law enforcement officials to make cryptocurrency safer for law-abiding citizens and less functional for cybercriminals. Additionally, better cybersecurity awareness can go a long way toward protecting individual users and devices from ransomware. Despite the link between cryptocurrency and ransomware, certain features of crypto may end up being the key to bringing down ransomware attackers.