Why cryptocurrencies are causing an international racket

Rob Rae, VP, Datto | Nov. 30, 2017

This vendor-written piece has been edited by Executive Networks Media but readers should note it will likely favour the submitter's approach.

rob

There's no doubt that ransomware is still worldwide 1epidemic.

Discussions with our Managed Service Provider (MSP) partners and end users in Singapore and the wider region indicate that the threat of ransomware is stronger than ever, and the stakes have never been higher.

Recently, a family-owned flower shop that suffered a US$3,000 ransomware attack. They didn't have the proper Back-up and Disaster Recovery (BDR) technology in place or the ability to pay the ransom demand. With limited cash flow, this was the straw that broke the camel's back, and they were forced to close their doors and walked away after 15 years.

What was the trigger that has allowed these thieves to start doing this?

It comes down to cryptocurrencies and how they facilitate extortion. Yes, that's right, extortion.

 

Gangster behaviour

Thinking about this sort of online criminal behaviour, you can't help but start drawing a correlation to old Hollywood gangster movies. In the movies, gangsters extort money from a small business owner using an implied threat of violence. "You wouldn't want your store to burn down, would you?" Of course, the small business owner has no choice but to pay up and the criminals walk away with the cash.

The situation is no different today. Hackers are extorting money from small businesses. This is cyber extortion. Thieves pick on SMBs because they often do not have the means to defend themselves. The SMB owner can't possibly stay on top of all the things they can leverage to protect their IT infrastructure and cryptocurrencies are making it difficult to track and slow these criminals down.

 

The problem with cryptocurrencies

Today one of the biggest challenges faced by cyber extortionists is how they obtain the cash. In the past, they would ask victims to deposit money into bank accounts or transfer funds via the likes of Western Union, all easily traceable. Fast forward to today and we have a myriad of decentralised cryptocurrencies like Moneto, Ethereum, and the most popular Bitcoin, which offer users fast transactions with full anonymity. If you're a cyber extortionist - what's not to love? This major development can be linked to the escalation in ransomware attacks across the world, being easy to use without the need for any middleman to transact.

According to a study earlier this year by 2Cambridge University, there are now over 6 million people transacting with Bitcoin, the majority of which is legitimate business.

As recent attacks like WannaCry and NotPetya have proven, the amounts of money attackers are asking for is often quite affordable for businesses, often ranging between SGD$400-$800 per computer, in return for data to be decrypted or access regained. This has led to larger enterprises including banks stockpiling Bitcoin in order to be ready to pay out when attacks happen. The logic here is that the cost of paying the ransom is usually far less than the implications of lost data and downtime to the organisation, which could be far more damaging overall. This is a vicious cycle however, contributing to a notable climb in the use and value of e-currencies, therefore making it easier for cyber extortionists to thrive. It's also very short sighted, proactively inviting more attacks, as cyber extortionists add these organisation to their 'will pay' list.

At Datto our mantra is and has always been, don't pay the ransom, don't pay the ransom, DON'T PAY THE RANSOM! First, when you pay the ransom, you are letting the thieves know that they have a fish on the line. You have money, and you value your data. They'll come back again and again. Even if you pay the ransom, there is a significant chance you won't get your data back anyway. We spend a lot of time working with our partners in Singapore and across the wider region to communicate this fact, as we know that SMBs can be low hanging fruit for these attacks, usually having way less time and money to commit to protecting their data.

This aside however, knowledge is king, so knowing how to react, could mean the difference between damage and disaster. According to our recent study 75 percent of MSPs report3 SMB clients experiencing business-threatening downtime as a result of a ransomware attack.

As new technologies emerge, and threats evolve, we know that even with the best will in the world and the most up-to-date security software, businesses can still be affected by cyber extortion. The only way to recover therefore is to ensure you can minimise the chance of downtime, and that means being prepared.

Thanks to the wonders of MSPs and software-as-a-service tech, even SMBs can afford to have a proper BDR solution in place to stay on top of ever-evolving threats, which could go a long way in keeping your doors open and your money in your pocket.



1https://www.datto.com/resources/ch-ransomware-survey-17?utm_campaign=ch-ransomware-survey-17&utm_medium=Blog&utm_source=22

2https://www.jbs.cam.ac.uk/fileadmin/user_upload/research/centres/alternative-finance/downloads/2017-global-cryptocurrency-benchmarking-study.pdf

3https://www.datto.com/resources/ch-ransomware-survey-17?utm_campaign=ch-ransomware-survey-17&utm_medium=Blog&utm_source=22