As some of you may know, at least those who have been affected by a crypto malware, payment of the ransom is typically carried out in Bitcoin.
Bitcoin is a virtual currency created by some very clever people. Unlike most currencies, it is unregulated by governments and its value is entirely dependent on the people using it instead of on interest rates or central banks. It also delivers payment anonymity which is unmatched by any other financial system. It is this element of total anonymity that has been an enabler of crypto malware and other cybercrimes as it eliminates the risk that attackers would have otherwise faced in monetizing their attacks.
The entire business model of crypto malware is based on being able to receive a payment easily, quick, anonymous and securely– all of which are criteria that Bitcoin delivers on perfectly! This is why Bitcoin was also the main payment form on the Silk Road website, which mostly dealt in illegal products that resulted in it being closed down by FBI back in 2012.
What is interesting is that Bitcoin today is also considered a safe haven for investors as it is not impacted by geopolitical and other issues that plague financial systems such as stock markets, or precious metals such as gold. As an example, when Donald Trump won the election, and when Prime Minister Modi issued the financial reforms in India, the value of Bitcoins soared to levels never seen before. It has not really come down from there. Thus, Bitcoin delivers a simple, efficient and anonymous way to lock in value- something which is always in demand in a nervous financial market! Because of this, Bitcoin has now turned into a serious currency and the market cap has increased five-fold to 17 billion USD!
So how does one utilize Bitcoin?
Well, that is the clever part! Today there are hundreds of Bitcoin exchanges around the world, that offer to exchange your anonymous Bitcoins for cool cash in the form of USD transfers, and credit cards. Or you can even perform transactions on websites to buy products and services in Bitcoin directly. All this means that Bitcoin today offers attackers a level of flexibility, stability and value that has never been seen before.
The Value of Bitcoin
At the time of writing this article, one Bitcoin was worth around 1180 USD. A year ago, this was around 200 USD, and if you go back just 4 years it was around 10 USD! What everyone also needs to know is that Bitcoin is unregulated by governments and highly volatile, meaning that the value of a Bitcoin against the USD can fluctuate by 10-20% in the matter of mere days.
What does this mean for victims of Ransomware
The fluctuating value of Bitcoin can have a staggering impact on victims. When a crypto malware campaign is being designed, the attackers typically set a price against the value of USD. For some campaigns, the cost of decryption is simply hard coded in the malware, so the cost of Bitcoin can have a direct implication to how much it will take to unlock a crypto malware. Or put it in another way, when President Trump tweets or when Prime Minister Modi decides to reform the Indian currency system, all the victims of ransomware are overnight required to pay more to get their files decrypted.
For the record, with this blog entry, I am not trying to make any statement or take a stance on Bitcoin. I simply intend to highlight that with all the great features the currency comes with and the promise of it not being manipulated by financial systems and central banks, the unregulated and anonymous behavior of Bitcoin opens up big concerns when the currency is exploited.
In the end, I believe it is a double-edged sword and reckon it all comes down to privacy. I for one do not like that my browsing behavior on the internet is logged, that CCTV cameras takes pictures of me, that my credit card transactions can be tracked or that the GPS on my phone can report and record my location. Yet, when we can catch the bad guys with this kind of technology I am all for it!
Today technology is no longer the limitation, so with technology comes great responsibility – Bitcoin is no different!
Nicolai Solling, CTO at Help AG