Computer systems have changed the way human beings interact and do business. Today Information Communication Technology (ICT) has permeated nearly all sectors of the economy and affected every facet of everyday life. The increasing use of ICT has come with its share of challenges from accessibility to system stability. The biggest worry right now is system and data security mainly due to hacking incidence involving malware and ransomware.
A lot of technological advancements are made towards improving computer systems integrity, but a lot still needs to be done. Ransomware Statistics of 2019 show that hacking incidences involving ransomware have been reduced in the past two years but may make a comeback shortly in a different form. The change may include a reduction of the amounts demanded by orchestrators as well as the mode of financial payments that they use.
In spite of having anti-malware software installed, systems are still being exploited. The current data shows that one out of every five victims of ransomware attacks always have to pay the cybercriminals to regain access into their computer system. Many more have had to lose their data after refusing to heed to the hackers’ demands for payment. WannaCry remains the most commonly encountered ransomware while desktop computers still account for up to 80 percent of all the devices affected by the technological hostage and ransom takers.
More findings confirm that North America accounts for close to half of all the ransomware attacks carried out in the world today. Up to 40 man-hours have been lost decrypting affected files and or replacing affected ones with backups as the total cost of the attacks on the organizations running into millions of dollars. Ransomware incidents are increasing; often, Bitcoin is seen as a popular payment system with hackers who engage in this crime mainly because of its pseudo-anonymous quality.
However, recent incidents have shown that other decentralized digital payment currencies are now being used more and more in ransomware attacks. Techies who engage in ransomware prefer the use of cryptocurrencies since such currencies offer certain merits in comparison to currencies controlled by governments across the globe. With the increase in cryptocurrencies options currently in circulation, those used by cybercriminal facilitate ransomware payments are a select few.
During its formative years, Bitcoin was quite popular with the dark web. It was used to facilitate payments for services offered on those dark sites. These were services that people wouldn’t ordinarily be willing to get associated. Consequently, it got exposed to a variety of undesirable individuals who would appreciate the opportunity that digital currency offered thanks to its pseudo-anonymity.
This shadowy connection led to its use by several ransomware crooks demanding payment to decrypt locked files in Bitcoin. Furthermore, thanks to its history and popularity, cybercriminals view it as a readily available and understood cryptocurrency for many. It is considered to be readily available and doesn’t need a lot of explanations, therefore, increasing the possibility of the victims complying with the ransom takers demands.
In 2018, Bitcoin was used to facilitate payment for what was arguably the biggest ransomware attack of all times, i.e., the WannaCry attack. First reported in May 2017 and spread across the world. In a matter of weeks, the malicious software had affected a substantial number of computer systems all over the world. WannaCry affected a wide berth of both individuals and organizations. Most notable was UK’s NHS, LG Electronics, Deutsche Bahn, and others. The hackers wanted between 300-600 USD in Bitcoin for each affected computer. The WannaCry attackers made a whopping 241,000 USD.
Not Petya was another notable malware that came alive in June 2017. It was very sophisticated; it was a true virus spreading itself from one device to another device automatically without any human execution as is common for malware. The makers of Not Petya netted a total of approximately 18,000 USD having charged 300 USD in Bitcoin to restore access to the files that they hacked.
2. Bitcoin Cash
Cybercriminals are already using the alternative coin created after a Bitcoin hard fork in August 2017 despite being less than a year. A type of ransomware popularly known as Thanatos infected machines around the world. Once infiltrated the malware in the machine displays a message demanding $200 paid in Bitcoin Cash. This was the first ransomware that requires payments in digital currency. Thanatos, equally, also accepts remunerations in Bitcoin and Ethereum.
While Bitcoin is still the best-known cryptocurrency, cybercriminals are now considering the privacy-centric coin Monero. Monero is quite popular on dark web marketplaces, and ransomware demands mainly due to its privacy features. Kirk ransomware is a good example of a malware whose orchestrators require 1,100 USD in Monero for file decryption. This malware is different as it is impossible to decrypt the affected files differently except by receiving the key from the orchestrators.
It is the 2nd largest cryptocurrency by market capitalization; it has grown in popularity and use and has captured the attention of cybercriminals who are now demanding settlements in the digital currency. HC7 Planetary is new ransomware and is increasingly affecting machines across the globe. The software infiltrates a computer and goes on to infect any other machines on a given network.
If the malware infects one computer, the orchestrators are demanding up to 700 USD. However, if several machines get infected within a computer network, the black-hat hackers are demanding upwards of 5,000 USD to restore access to all the affected computers in the network.
Verge and Dash are the other cryptocurrencies worth noting within the ransomware underworld. These cryptocurrencies have privacy qualities that are appealing to cybercriminals keen on avoiding detection, arrest, and eventual conviction.
While cryptocurrencies continue to be popular among cybercriminals, it is worth noting that all innovative financial settlement methods were once used by perpetrators, mainly in their formative stages. It is just a matter of time until protocols are put in place to track the hackers down; a good example is the transactions done on the Bitcoin blockchain system now. They are now traceable and easily identifiable.