For Ransom, Bitcoin Replaces the Bag of Bills

Uploaded on 2015-08-04 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-Financial

26db-ransom-web-popup.jpg

A screengrab of a message sent by a hacker demanding Bitcoins for unlocking encrypted files.

In the old days, criminals liked their ransom payments in briefcases full of unmarked bills. These days, there’s a new preferred method for hostage takers: the virtual currency Bitcoin. In a modern day version of a mob shakedown, hackers around the world have seized files on millions of computers, taken down public websites and even, in a few cases, threatened physical harm. The victims, who have ranged from ordinary computer users to financial firms and police departments, are told that their only way out is through a Bitcoin payment that is sometimes more than $20,000.

One set of attackers, believed to be based in Russia and Ukraine, collected about $16.5 million in Bitcoins in a little over a month, primarily from victims in the US, according to the security firm Sophos.

Criminals like the virtual currency because it can be held in a digital wallet that does not have to be registered with any government or financial authority — and because it can be easily exchanged for real money. At the moment, a single Bitcoin can be sold online or on the street for around $290.

Bitcoin, which was released by an anonymous creator in 2009, has recently been gaining mainstream appeal. Start-ups in the industry have won investments from big names like Goldman Sachs and the New York Stock Exchange, which have praised the technology as a faster, more efficient way to complete financial transactions.

But the proliferation of ransom demands has provided an unhappy reminder of the virtual currency’s continuing appeal to the criminal underworld, long after the authorities shut down the online drug bazaar, Silk Road, where heroin and cocaine were sold using Bitcoin.

The latest reminder of Bitcoin’s underbelly came last week with the arrest of two Florida men. The authorities said victims of malware were steered to Coin.mx, a site run by the two men, to buy the Bitcoins to pay the ransom demanded by the malware. The complaint suggested that the criminals also used the site to launder their proceeds.

A police department in New Hampshire that was hit by CryptoWall in June 2014, refused to hand over the ransom and was able to revert to backup files. But more recently, police departments in Dickson County, Tenn., and Tewksbury, Mass., have said that they chose to pay the roughly $500 ransom rather than deal with the headache of trying to circumvent the hackers.
Beyond these attacks, extortionists went after two longtime Bitcoin advocates last year, threatening to exploit personal information about the men’s families if they did not pay up.

Some leaders in the Bitcoin community have suggested potential ways to fend off the ransom threats, digitally marking any coins used for ransom payments, similar to how dollar bills used in hostage situations are marked with invisible dye.
But such solutions have been held up because of the value that many Bitcoin believers have put in the virtual currency’s unfettered free movement.
NYT: http://nyti.ms/1KNVnTi

« Google Gives Customers Control of Encryption Keys
3D Xpoint Memory: Faster-than-flash Storage »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

European Council on Foreign Relations (ECFR)

European Council on Foreign Relations (ECFR)

ECFR is a pan-European think-tank conducting research and promote informed debate on European foreign policy. Cyber security is becoming an intrinsic element of foreign policy debate.

Security Innovation

Security Innovation

Security Innovation is a leader in software security assessments and application security training to top organizations worldwide.

Intrasoft International

Intrasoft International

Intrasoft International is a leading European IT Solutions and Services Group offering a full range of IT services including Information Security.

Perception Point

Perception Point

Perception Point is a Prevention-as-a-Service company, built to enable digital transformation. Our platform offers 360-degree protection against any type of content-based attack.

SoSafe

SoSafe

SoSafe empowers organizations to build a security culture and mitigate risk with its GDPR-compliant awareness programs.

TOAE Security

TOAE Security

TOAE Security is a trusted cyber security consulting partner helping today's leading organizations protect their most important assets from evolving cyber threats.

Cyway

Cyway

Cyway is a value-added cybersecurity distributor focusing on on-prem, cloud solutions and hybrid solutions, IoT, AI & machine learning IT security technologies.

C3.ai Digital Transformation Institute

C3.ai Digital Transformation Institute

The C3.ai Digital Transformation Institute is a research consortium dedicated to accelerating the benefits of artificial intelligence for business, government, and society.

PlexTrac

PlexTrac

PlexTrac is a cybersecurity reporting and workflow management platform that supercharges security programs, making them more effective, efficient, and proactive.

Ascent Solutions

Ascent Solutions

Ascent is built to help firms evolve their cybersecurity posture, modernize their Microsoft solutions, and accelerate their journey to the cloud.

Sitehop

Sitehop

Sitehop is a cybersecurity technology company developing and supplying FPGA hardware-enforced cyber security solutions for networks.

Crispmind

Crispmind

Crispmind creates innovative solutions to some of today’s most challenging technology problems.

SEALSQ

SEALSQ

For the last 25 years, SEALSQ have been developing secure semiconductor chips, secure embedded firmware, and tested hardware provisioning services to serve the vision of a safer connected world.

WaveLink

WaveLink

WaveLink offers low risk, results-oriented Engineering Services and best-of-class Technical Support Services. Areas of expertise include cyber and security engineering.

Hydden

Hydden

Hydden gives security teams the ability to create a solid foundation to build a truly next-gen identity security practice by bridging the gaps between siloed teams and technologies.

Zyxel Networks

Zyxel Networks

Zyxel Networks is a leading provider of secure, AI-powered networking solutions for small to medium businesses (SMBs) and the enterprise edge.