For Ransom, Bitcoin Replaces the Bag of Bills

Uploaded on 2015-08-04 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-Financial

26db-ransom-web-popup.jpg

A screengrab of a message sent by a hacker demanding Bitcoins for unlocking encrypted files.

In the old days, criminals liked their ransom payments in briefcases full of unmarked bills. These days, there’s a new preferred method for hostage takers: the virtual currency Bitcoin. In a modern day version of a mob shakedown, hackers around the world have seized files on millions of computers, taken down public websites and even, in a few cases, threatened physical harm. The victims, who have ranged from ordinary computer users to financial firms and police departments, are told that their only way out is through a Bitcoin payment that is sometimes more than $20,000.

One set of attackers, believed to be based in Russia and Ukraine, collected about $16.5 million in Bitcoins in a little over a month, primarily from victims in the US, according to the security firm Sophos.

Criminals like the virtual currency because it can be held in a digital wallet that does not have to be registered with any government or financial authority — and because it can be easily exchanged for real money. At the moment, a single Bitcoin can be sold online or on the street for around $290.

Bitcoin, which was released by an anonymous creator in 2009, has recently been gaining mainstream appeal. Start-ups in the industry have won investments from big names like Goldman Sachs and the New York Stock Exchange, which have praised the technology as a faster, more efficient way to complete financial transactions.

But the proliferation of ransom demands has provided an unhappy reminder of the virtual currency’s continuing appeal to the criminal underworld, long after the authorities shut down the online drug bazaar, Silk Road, where heroin and cocaine were sold using Bitcoin.

The latest reminder of Bitcoin’s underbelly came last week with the arrest of two Florida men. The authorities said victims of malware were steered to Coin.mx, a site run by the two men, to buy the Bitcoins to pay the ransom demanded by the malware. The complaint suggested that the criminals also used the site to launder their proceeds.

A police department in New Hampshire that was hit by CryptoWall in June 2014, refused to hand over the ransom and was able to revert to backup files. But more recently, police departments in Dickson County, Tenn., and Tewksbury, Mass., have said that they chose to pay the roughly $500 ransom rather than deal with the headache of trying to circumvent the hackers.
Beyond these attacks, extortionists went after two longtime Bitcoin advocates last year, threatening to exploit personal information about the men’s families if they did not pay up.

Some leaders in the Bitcoin community have suggested potential ways to fend off the ransom threats, digitally marking any coins used for ransom payments, similar to how dollar bills used in hostage situations are marked with invisible dye.
But such solutions have been held up because of the value that many Bitcoin believers have put in the virtual currency’s unfettered free movement.
NYT: http://nyti.ms/1KNVnTi

« Google Gives Customers Control of Encryption Keys
3D Xpoint Memory: Faster-than-flash Storage »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Open Networking Foundation (ONF)

Open Networking Foundation (ONF)

The Open Networking Foundation (ONF) is a non-profit operator led consortium driving transformation of network infrastructure and carrier business models.

StrongKey

StrongKey

StrongKey (formerly StrongAuth) is a leader in Enterprise Key Management Infrastructure, bringing new levels of capability and data security at a price point significantly lower than other solutions.

Monegasque Digital Security Agency (AMSN)

Monegasque Digital Security Agency (AMSN)

AMSN is the national authority in charge of the security of information systems in Monaco.

Belden

Belden

Belden is a global leader in signal transmission and security solutions for mission-critical applications in enterprise and industrial markets. Belden brands include Hirschmann and Tofino Security.

Secon Cyber Security

Secon Cyber Security

Secon Cyber Security is an Advanced Managed Security Services Provider with long standing experience of providing cyber security solutions to customers ranging from small to large enterprises.

Startups.be

Startups.be

Startups.be helps tech entrepreneurs to be successful by providing quality access to service providers, business partners, customers and investors.

Angoka

Angoka

Angoka provide hardware-based solutions for managing the cybersecurity risks inherent in machine-to-machine communication networks.

Vigilant Technology Solutions

Vigilant Technology Solutions

Vigilant is a global cyber security technology company offering solutions to manage entire IT & cyber security lifecycles.

StackHawk

StackHawk

StackHawk is built to help dev teams ship secure code. Find and fix bugs early before they become vulnerabilities in production.

Axitea

Axitea

Axitea designs, implements and develops the solutions best suited to its customers’ needs and their physical and cyber security requirements.

CICRA Consultancies

CICRA Consultancies

Cicra Consultancies is a company that specializes in cyber security. Our major activities are guided by three main principles: Prevent, Investigate, Prosecute.

SynSaber

SynSaber

SynSaber is a data collection, detection, and visibility solution that forms the foundation of industrial cybersecurity.

Allentis

Allentis

Allentis provide adapted solutions to ensure the security and performance of your information system.

6clicks

6clicks

6clicks is an easy way to implement your risk and compliance program or achieve compliance with ISO 27001, SOC 2, PCI-DSS, HIPAA, NIST, FedRAMP and many other standards.

Cardonet

Cardonet

Cardonet is an IT Support and IT Services business offering end-to-end IT services, 24x7 IT Support to IT Consultancy, Managed IT and Cyber Security.

Valimail

Valimail

Valimail delivers the only complete, cloud-native platform for validating and authenticating sender identity to stop phishing, protect and amplify brands, and ensure compliance.