Ransomware Bitcoin Demands

Among the most typical and serious cyber attacks is ransomware, wherein a threat actor encrypts an organization’s data until a ransom request is satisfied. These attacks are not only increasing in number, but also in severity.In the first half of 2021, the average ransom payment increased by 60%, with Bitcoin being used for the majority of payments.

Bitcoin represents about 98% of ransom payments. Whether an organization is paying ransom or trying to recover data on its own, it is essential to be aware of Bitcoin when planning a response to a cyber-incident.

Understanding ransomware

Ransomware is a rapidly emerging criminal activity affecting businesses, financial institutions, government agencies, medical facilities and other organizations; it is a product of the advancement of digital technology. While the advancement of digital technology has given businesses the ability to improve their relationships with consumers by offering more personalized services at a personalized cost, the technology is not only being used by legitimate users to improve their processes. Bad guys are also using the new technological tools to increase their online attacks, either for fun or to enrich themselves. Data breaches are being committed to steal people’s personally identifiable information and sell it through underground web channels in exchange for legitimate payments or cryptocurrency.

Cyber attacks like denial of service (DoS) can be done for fun or to make a statement. Some attackers deny a company access to their computer by demanding a certain amount of bitcoin as payment to regain access to the system. The last unscrupulous way to get money is through ransomware, which in a way is a form of DoS attack.

Why Bitcoin?

Bitcoin, like other cryptocurrencies, allows cybercriminals to obtain money with a high degree of anonymity, which makes it difficult to track transactions. Bitcoin has gained notoriety as a common currency on the dark web, where it continues to be popular. It is considered the quintessential cryptocurrency, easy to acquire and use, leading threat actors to believe that victims are more willing to pay.   

Occasionally, cyber threats draw attention to other cryptocurrencies, such as Monero and Zcash. These have additional privacy features that make it harder to track beneficiaries, but they are the exceptions to the rule.

Can cybercriminals be tracked?

Law enforcement, private companies, and service providers have joined forces to develop methods to track bitcoin transactions. These approaches combine multiple data sources (including social media activity) and analytics to identify transaction patterns that sometimes allow individual identities to be determined.

However, cybercriminals use obfuscation techniques to increase anonymity and avoid detection. One common approach is “shuffling,” in which a service provider mixes the assets of different users to disrupt transaction tracking and make it unlikely that they will be discovered.

What can be done?

As ransomware attacks become increasingly common, businesses need to be well prepared. Effective data backup is critical. And it’s important to update your contingency plans to specifically address ransomware.