Within the last year or so, cryptocurrencies such as Bitcoin have become immensely popular. To some, they are considered to be smart investments, while others believe that cryptocurrencies are unreliable and for suckers. One particular group of people, however, seems to be benefitting greatly from the mysterious virtual coins.
As mentioned in our previous article covering cryptocurrencies, they are of great interest to those within privacy circles. However, one branch of that overall group is always looking to cover their tracks for malicious purposes.
In the event of a cyberattack, whether it be ransomware or a Trojan horse, the victim is usually offered an ultimatum: either pay up or suffer the consequences. The preferred payment method of these criminals is cryptocurrency, the most popular being Bitcoin.
In fact, the U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN) has identified roughly $5.2 billion worth of outgoing Bitcoin transactions that are likely tied to the top 10 most commonly reported ransomware attacks. Additionally, FinCEN reported that “the mean average total monthly suspicious amount of ransomware transactions was $66.4 million and the median average was $45 million.”
The use of cryptocurrencies is also popular amongst lesser hackers, who often target social media accounts through social engineering and by taking advantage of oversharing. They commonly use these methods to obtain usernames that would sell for a pretty penny on the black market. Alternatively, the same methods are used to get into an account and extort the original owner into paying via cryptocurrency to retrieve it.
At this point, you must have one burning question: why would these criminals choose to use cryptocurrencies instead of less volatile options? While it is true that the U.S. dollar is more stable than any given cryptocurrency, the usefulness of cryptocurrencies to cybercriminals can be boiled down to two major components – the ease of transactions and the decreased likelihood of getting caught. Let’s look at this within the scope of the Colonial Pipeline, which was the victim of a ransomware attack earlier this year and paid $5 million to hackers.
Cryptocurrencies know no boundaries – quite literally. While monetary transactions are often limited to the currencies of their country, whether it be in pennies, pounds, pesos, etc., cryptocurrencies can be transferred seamlessly across borders. They are also subject to low levels of federal management, leaving transactions relatively unmonitored. In fact, the European Banking Authority (EBA) stated that crypto assets often fall outside the scope of the EU financial regulations.
Infamously, the Colonial Pipeline was attacked by Russian hackers despite being located within the United States.
One of the biggest benefits of crypto for cybercriminals is, by far, the fact that it makes it much more difficult to get caught. Transactions through typical outlets, such as bank transfers or other online vendors (e.g., PayPal), are often tied to an individual’s name and are regularly tracked by the organizations managing them.
Bearing this in mind, using cryptocurrencies as your method of payment adds a layer of anonymity that would otherwise not exist. This ultimately complicates the process when trying to find who exactly is behind the virtual wallet.
This is where Colonial Pipeline’s case is extremely tricky. Instead of being up against any individual, they were up against “DarkSide,” which is a group. In other words, they would have to find not just one person but multiple people, all of whom are disguised under pseudonyms and blockchain wallets.
While cryptocurrencies may be trendy and have the capacity to be used for investment purposes, they also have nefarious applications. The same veil of privacy that was intended for users to feel more secure in their transactions can be exploited by others who use it as a tool to hide themselves after committing a crime.