Ransomware attack: Bitcoin is too tempting when you’re being extorted
Hoarding Bitcoin to pay off hackers may seem a better option for firms that can’t make the heavy investments needed to see off ransomware attacks
- EU finance ministers strike deal on overhaul of banking capital rules
- Big oil consumers start to lock-in prices as Brent urges to $80
- PSU bank recapitalisation plan stumbles as losses mount
- Govt orders out-of-turn coal supply to PSUs, private plants to be hit
- Oil prices fall as Russia floats gradual production increase
London: Behind the rise of ransomware lies the rise of Bitcoin, the virtual currency of choice for hacker blackmailers who steal huge amounts of sensitive data. That doesn’t mean Bitcoin is inherently to blame, but it does suggest that business has a Bitcoin problem. Buying the currency has become a form of short-term protection, however dicey, against attacks.
The logic is twisted but tempting. Hoarding Bitcoin to pay off hackers may seem a better option for companies that either don’t or can’t make the heavy investments needed to see off the attacks in the first place.
Paying ransoms certainly isn’t considered best practice in IT security circles. And that’s putting aside the principles of supporting criminals. But if you fall prey to a ransomware attack, there aren’t many options, especially if you have no data backup. One Los Angeles hospital reportedly paid about $17,000 to hackers to restore its computer systems last year.
Hopefully, the global outrage over WannaCry, which hit more than 200,000 computers in at least 150 countries, will nudge CEOs into trying something more than just playing along with the hackers. A study by Citrix Systems Inc. last year found one-third of British companies were hoarding digital currencies for future ransomware payoffs. It also found that one in five medium-to-large businesses didn’t have any broader contingency measures in place for this kind of attack.
And it’s not as if cyber-criminals offer guarantees. One in three Australian companies that pay off attackers don’t get their data back, according to Telstra Corp Ltd.
Unfortunately, with even blue-chip companies such as ArcelorMittal and Kering identifying ransomware as a risk in their annual reports, finding an alternative that works is neither easy nor cheap.
While Europol says “remarkably few” payments have been made in response to WannaCry, recent data suggest ransomware attacks are soaring—as is their cost. The first half of 2016 saw a doubling of ransomware attacks versus all of 2015, according to specialist insurer Beazley Plc. It found finance firms with yearly revenue below $35 million were among the top targets. These companies won’t have the deepest pockets to fight cybercrime. The mix of damages and related costs from ransomware is seen topping $1 billion a year, according to one estimate.
So it won’t be easy to break the cycle feeding such attacks: victims willing to pay up, and hackers responding to that opportunity. The price of Bitcoin fell on Friday, as traders weighed the chance of tighter regulatory scrutiny of what is a crucial enabler of ransomware. But it has already recovered some of the losses.
Bitcoin’s rise to record heights just increases the temptation for criminals, while the purchasing of the crypto-currency by businesses looking for insurance is almost certainly fuelling its rise.
Tougher sanctions against companies with meagre data protection may force them to find better ways of tackling this. Yet technology is only part of the answer. Humans need to up their game too through better training and organizational awareness.
With people often the weak spot in cyber-defences, this is easier said than done. For now, Bitcoin will keep filling company wallets and hackers’ pockets. Bloomberg
Editor's Picks »
- Artificial intelligence predictions may not always lead to better decisions
- 2G case: Delhi HC defers hearing on CBI, ED plea against acquittals
- Friday Wrap: ‘Parmanu,’ ‘Solo’ make for dull movie week
- In order to grow, we need to get into other markets: Vince Voron
- IHH extends revised offer for Fortis to 30 June
- Motherson Sumi continues to face margin pressure in foreign markets
- What the Warren Buffett indicator tells us about market valuations today
- Jet Airways lands with a thud in Q4 as fuel costs increase
- IBC amendments: Some dilutions, and a lot more speed
- Patanjali’s gambit is paying off in toothpaste wars