How will crypto crash affect ransomware attacks and payments?
In recent years, cybercriminals have repeatedly requested crypto as their preferred currency for ransom payments.
But with Bitcoin losing more than half its value this year, those ill-gotten gains have deflated significantly. How will the crash affect ransomware groups? Will it change payment requests from threat actors going forward?
A broken Bitcoin can increase ransom gangs
Business owners have less incentive to continue operations if it becomes less valuable, if common sense is followed. That said, as the crypto market has been volatile in recent months, many assume that hackers are more likely to shift to crimes like malware attacks and phishing scams that target actual dollars.
Mark Manglicmot, senior vice president of security services at Arctic Wolf, disagrees with that assumption. He suggested that the unique characteristics of cryptocurrency make it an irreplaceable means of exchange for cybercrimes. It’s easy, it’s fast, and most importantly, the anonymity allows attackers to easily make off with the stolen funds.
“I wouldn’t say it’s impossible to track cryptocurrency, but it’s very difficult,” Manglicmot said. “Especially if criminals have converted the money into standard currency.”
Ian Thornton-Trump, CISO of Cyjax Ltd., pointed out that the devaluation of Bitcoin will make cybercriminals “work even harder” on ransomware attacks.
“Cryptocrash makes attackers’ money worth less, so they will be more aggressive in exploiting companies to extract ransomware to keep the lifestyle they’ve been used to,” he said.
Businesses should not let their guard down despite a drop in ransomware attacks
Ransomware attacks fell by 23% globally from January to June, according to US cybersecurity firm SonicWall’s 2022 Semi-Annual Cyber Threat Report. Although this time period overlaps with crypto’s bear market, many experts emphasize that the political conflict between Russia and Ukraine is the biggest factor in the decline of ransomware.
“I don’t think a crypto crash is going to have a big impact on whether or not ransomware occurs. Don’t forget that we have a huge amount of world hackers connected to the Russia-Ukraine war right now,” said Micheal Fey, co-founder and CEO of Iceland.
More than half of state-sponsored cyberattacks have been traced back to Russia in recent years, according to various sources. And 74% of ransomware revenue went to groups “highly likely to be associated with Russia.”
Manglicmot pointed out that companies should not take the current decline as a reassuring trend. He suggested that “it’s only a matter of time before the numbers continue to rise again.”
In other words, when the war ends, there could be a new wave of ransomware attacks as cybercriminals return to everyday life.
Cybersecurity budgets amid high inflation
Despite the Biden administration making ransomware defense its top priority last year and taking down several high-profile hacker groups, there are more challenges ahead amid high inflation.
“With inflation, government departments are going to cut their budgets accordingly. So we’re not in a good place to anticipate another wave of ransomware attacks coming up and law enforcement budgets being reduced,” Thornton-Trump said.
Therefore, it is time for companies to work internally and strengthen their ransomware defenses. For example, companies can start by purchasing cyber insurance, building 24-hour security operations centers and having the right representation from cyber security at the executive level.
“The ransomware landscape will get worse in the coming years, and we should all better prepare for it,” Thornton-Trump added.
