With an increasing number of people being forced to work from home, data suggests ransomware attacks are at an all-time high, with the frequency of these incidents increasing by 45% in the month of April 2021 alone. Not only that , some are adamant that the increase in ransomware attacks is closely linked to the meteoric growth of the crypto industry.
Additionally, amid the recent positive activity in the crypto market, news from US regulators aggressively studying the crypto-ransomware link seems to dampen the mood somewhat, especially as various government agencies seem to view crypto ransomware as a big problem requiring serious action.
As the adoption of digital assets continues to expand in the United States, it appears lawmakers are looking to better understand how these offerings can be used for legal and illegal purposes. For example, the Ransom Disclosure Act, which was introduced by Senator Elizabeth Warren and Representative Deborah Ross on October 5, requires victims of ransomware attacks to disclose information about any ransom payment they may have faced to the Department of Homeland Security (DHS).
The goal here, according to Warren and Ross, is to amass critical data on fiat and cryptocurrency payments, which can potentially be used by relevant regulators to protect investors from cybercrime as well as to curb any illicit financial activity taking place in the United States. . In addition, the bill also seeks to investigate the direct role of cryptocurrencies in ransomware attacks, an effort that will be led by the Department of Homeland Security.
Likewise and most recently, Deputy Attorney General Lisa Monaco revealed that the Department of Justice has launched a new initiative dubbed the National Cryptocurrency Enforcement Team which seeks to eliminate all projects that could allow criminals to launder their crypto products. “We want to strengthen our ability to dismantle the financial ecosystem that allows these criminal actors to thrive and profit from what they do,” Monaco said.
What is driving this wave?
To better understand why U.S. regulators are making such a concerted effort to crack down on any crypto-related ransomware, UKTN reached out to Kadan Stadelmann, chief technology officer of open source blockchain solutions provider Komodo.
In his opinion, a quick glance at the data available online shows that all kinds of ransomware attacks – not just crypto – are on the rise, adding, “Just look at the statistics. Palo Alto Networks reported last month that the average ransom payment for 2021 is currently around $ 570,000, 82% higher than the 2020 average of $ 312,000. 2020 was also a lot worse than 2019. ”He added:
“To reverse this trend, a more mature regulatory landscape is needed for the blockchain industry as well as improved cybersecurity overall over the next decade.”
When asked if large expenditures for such research activities were justified, Stadlemann felt that not only should governments put more measures in place, but that they should also allocate additional funds and resources to these. same purposes. On this, he went on to say that governments can start by adopting policies that ensure that businesses and anyone using critical infrastructure are better prepared for such events. “
Sharing a relatively similar sentiment, Du Jun, co-founder of the Huobi cryptocurrency exchange, told UKTN that it is the responsibility of every government to prevent money laundering (AML) as well as fight against the financing of terrorism (CFT) within their borders. , adding that it is only natural that the US government has taken the necessary regulatory steps to regulate its crypto market. He added:
“It is difficult to treat cryptocurrencies as a method of payment, given the lack of clarity regarding responsibility for AML / CFT compliance and the absence of a central oversight body. These actions can present challenges for crypto firms, but will benefit the ecosystem in the long run, shielding investors from uncertainty and fostering a better trading environment.
Finally, he felt that in addition to just oversight, the US government should also allocate more resources to encourage the growth of new businesses in this space, making the country more competitive and attractive to crypto enthusiasts.
Expenses are justified
Taking a more numbers-driven approach, Marie Tatibouet, marketing director of cryptocurrency trading platform Gate.io, told UKTN that in 2020, the total ransom paid by victims of cyberattacks has reached nearly $ 350 million worth of crypto. With that number in mind, she added:
“This number will inevitably continue to increase year on year. Warren’s “Ransom Disclosure Act” on paper therefore makes sense. If you are a victim, you must disclose information about ransom payments no later than 48 hours after the payment date.
Having said that, she acknowledged that the main problem most people have with the U.S. government is that in recent times Biden and his company have cracked down on the crypto industry very harshly through the introduction of the recent bill. on infrastructure, as well as other sanctions. “So, it’s understandable that people are a little cautious about anything the government does,” Tatibouet added.
Sergey Zhdanov, chief operating officer of digital currency trading platform EXMO, told UKTN that the measures taken by the United States confirm that regulators are not seeking to ban cryptocurrencies. (as China has done) but instead want to carve a path through which digital assets can be integrated into the traditional financial system. He then said:
“Developing new and effective methods to end the illegal use of cryptocurrencies and money laundering is a critical step that will take the crypto industry to its next level of development.”
Increased regulations, a win-win for everyone?
Hunain Naseer, editor-in-chief of OKEx Insights, told UKTN that regulatory efforts launched globally are aimed at bringing a level of clarity to this space that can help investors enter this growing space more easily. fast with peace of mind. He then explained the topic by saying:
“It makes sense to focus on such initiatives that make online interactions and commerce, including cryptocurrency transactions, safer for everyone. These steps will also help regulators authorize a wider variety of crypto-based financial products for retail. “
Nischal Shetty, founder of cryptocurrency exchange WazirX, told UKTN that any regulatory action to track and eliminate criminal activity should always be welcome, especially in a growing industry as fast as this. .
In his view, the rationale for such moves seems quite clearly rooted in the fact that governments ultimately want to protect consumers without stifling innovation, adding: by ensuring that criminal activity is identified and eliminated.
Additionally, on October 5, blockchain analytics firm Chainalysis announced that it had facilitated the purchase of cybercrime investigation firm Excygent for an undisclosed amount, hinting that the takeover will allow the two companies to work together and “dismantle ransomware operations” that may be active around the world. .
In the past, Chainalysis has worked with Excygent on the seizure of cryptocurrency linked to the now defunct darknet market Silk Road, as well as the shutdown of various terrorism and child abuse portals operating online.
In general, crypto native blockchain analytics companies have grown to gain support not only from the US government, but also from a number of prominent private players, with CipherTrace having been taken over by a traditional entity – in this case. like MasterCard – earlier this year.
What is the future of ransomware crime?
As the crypto landscape continues to evolve and expand, Chainalysis CEO Michael Gronager believes tracing the flow of ransomware payments on the blockchain will be critical for law enforcement to deter, analyze and dismantle all existing ransomware operations today, as he told UKTN:
“Paradoxical as it may sound, it can actually be of benefit to investigators when bad actors choose to use cryptocurrency when they commit crimes.”
In this regard, it is relevant to mention that hackers have become aware of the fact that, contrary to what people keep repeating as if cryptography is completely anonymous, it is in fact extremely easy to trace individual transactions back to the past. ‘to their owners, because all records and transitions are maintained on a blockchain.
Moreover, amidst the multitude of recent hacking stories such as those related to Poly Network and SushiSwap, the interesting thing is that the incidents have not cost the platform or its users any money. , because companies and regulators have intervened to secure the flow of funds through blockchains. And while that may be bad for the notion of decentralization, the point is that the funds are safe.
Related: Poly Network hack exposes DeFi flaws, but community comes to the rescue
Gronager further hinted at cases such as NetWalker, a ransomware operator that allegedly targeted hospitals during the pandemic and collected more than $ 25 million in ransoms in 2020, as well as Suex OTC, a company that allegedly allowed hackers to access cryptography sent as payment for ransomware attacks, as prime examples of the need for heightened ransomware defense these days.
Thus, the fact that regulators are taking decisive action to focus on initiatives related to crypto ransomware is not unilaterally welcomed by everyone in the crypto industry. While some believe more can be done to make the digital asset ecosystem safer for new entrants through the use of regulation, others say the role of ransomware in crypto is overstated and that a strict regulation will stifle freedoms and worsen the image of the industry.
However, most agree that ransomware has no place in the industry and that regulation, if properly enforced, will go a long way in securing the industry and ensuring long-term prosperity and adoption.