Bitcoin Ransomware and Remote Working: What the Future Holds

Published at: Aug. 21, 2020

The new work-from-home culture is gaining more traction than ever before as businesses, government departments and schools try to remain afloat while flattening the pandemic curve. This migration to remote working is a double-edged sword that creates fertile ground for cybercriminals. There is no way that cyberattacks can be eliminated completely. The best that companies can do is minimize the frequency of the threats.

What is ransomware?

Cybercriminals use malicious software code to block people or organizations from accessing their computer systems until a ransom has been paid. Cryptocurrencies such as Bitcoin (BTC) have made it easy for these nefarious actors to receive payment without exposing their identities.

The United States cybercrime arm of the Department of Homeland Security, in conjunction with the United Kingdom’s National Cyber Security Centre, has already issued alerts about an increase in phishing scams that can lead to malware being installed on computer systems. The joint alert was issued as the number of cyberattacks against remote workers increased.

Hackers are targeting individuals and all kinds of establishments. In June, the University of California at San Francisco was forced to fork out $1.14 million in Bitcoin after suffering a ransomware attack. In May, hackers successfully attacked celebrity lawyers Grubman Shire Meiselas & Sacks. The criminals threatened to expose one terabyte of celebrities’ private data unless a ransom was paid in Bitcoin. Additionally, the City of Johannesburg, South Africa’s financial capital, was targeted in a Bitcoin ransomware attack in October 2019.

Cryptocurrencies, due to their anonymity, are becoming popular with cybercriminals. Hackers receive the ransom payment in privacy coins or major cryptocurrencies such as Bitcoin. The digital assets are then cleaned by being passed through mixing services.

Companies and employees should invest in cybersecurity

As companies allow their employees to work from home, they have to realize that their data and secrets are at stake. While remote employees are the targets, it is the companies that suffer at the end of the day. It goes without saying that prevention is better than a cure. Companies need to invest in teaching their employees how to safeguard their computers or systems.

According to cybersecurity firm Sophos, about 73% of ransomware attacks result in data being encrypted. A successful ransomware attack goes through three stages:

1. Data encryption.
2. Getting payment.
3. Data decryption.

There are several ways in which ransomware begins its process. It could be a simple phishing email or hackers could exploit vulnerabilities in network systems. Firewalls should be used to block ransomware. Some companies may think that implementing a firewall is expensive, but the clean-up bill is much higher.

Employees should use strong passwords that are a mix of all types of characters found on a standard computer keyboard. The passwords should also be constantly changed. There are free tools that can be used to generate strong passwords that are not easy to crack.

Should companies pay ransom demands?

This is a difficult question, as it normally depends on what the company has to lose if the ransom is not paid. Hackers usually target a company if they know that there is valuable data. In most cases, it could be damaging for a company’s operations and reputation if its data, or that of its clients, is leaked on the internet or sold to the highest bidder on the darknet. Nefarious actors were recently selling 160 million user records stolen from 11 companies on the dark web, asking for a combined price of just over $23,000.

The answer to this question is not clear, but logic points to paying the ransom. And cryptocurrencies will be used to facilitate these transactions.

The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.

Michael J. Garbade is the co-founder and CEO of Education Ecosystem. He is a serial tech entrepreneur who formerly worked at Amazon, General Electric, Rebate Networks, Photobucket and Unicredit Group. Garbade has experience working in the United States, Europe, Asia and South America.
