In the months since WannaCry made ransomware a household term, the threat landscape has evolved dramatically. Ransomware is no longer essential to extort money from corporations, governments, and organizations. Instead, cyber extortion – where hackers steal confidential data, research, and information and hold it to ransom – has increased, particularly in the pharmaceutical, manufacturing and energy industries . The escalation of these types of threats is being led by two recent cryptocurrency developments: increased liquidity, and anonymization.
Until recently, cyber criminals trying to extort money via cryptocurrencies were hindered by a few factors – mainly the difficulty in extracting large sums without drawing attention. Now, as the liquidity of a number of cryptocurrencies increases, cyber criminals can collate a number of smaller transactions across multiple cryptocurrencies that later combine to form larger ransom and extortion payments. This capability removes one of the crucial factors deterring the more sophisticated cyber-criminal groups and is already linked to the increasing demand for larger extortion and ransom amounts .
The ability to ‘cash out’ a diverse number of cryptocurrencies also provides the other incentivizing factor for cyber criminals: anonymity. While some of the major cryptocurrencies do not provide full anonymity, there are currently several projects in the works – many being developed with benevolent intentions – to offer substantial future increases in anonymity for the main cryptocurrencies. Many advancements in blockchain applications overall are supporting stronger privacy protections, all of which can be manipulated for criminal use . It is predicted that we will soon see the development of “smart contracts for criminals”, enabled by continued developments in anonymization .
The potential to scale is huge, as well. For example, a project to combine enterprise blockchain payment company Ripple with coin mixing protocol PathShuffle could potentially provide such high levels of anonymity that even nation states could settle and transact large sums of currency without any oversight, monitoring or possibility of international sanctions.
Cryptocurrency extortion is now open to everyone
The commoditization of ransomware and malware compounded with increases in cryptocurrency liquidity and anonymization now puts the ability to extort large sums of money into the hands of many more threat actors. Advanced criminal groups who may not previously have dealt in cyber crime now have access to the tools and techniques to hold data, research, and intelligence to ransom and demand the large payouts that they have come to expect. At present, cryptocurrency risks to businesses and organizations are only set to increase.
To find out more about how Countercept’s threat hunting capabilities can protect your organization from cryptocurrency-related threats, get in touch.
 MWR InfoSecurity White Paper – “Linking Factors Between Cryptocurrencies, Crime, and Enterprise Cyber-Attack”