Crypto’s collapse does not solve the ransomware problem

More is needed than a months-long cryptocurrency freefall to crush the growing ransomware problem, cyber incident responders and threat analysts tell Axios.

Why it’s important: Companies have struggled to combat a glut of ransomware hackers in recent years, but recent optimism over a decline in attacks as a result of the crypto crash may be short-lived.

• During a ransomware attack, hackers gain access to a company’s network (often through phishing links in emails), infect them with malware that encrypts the entire organization’s files, and then demand payment to unlock the system.
• Ransomware hackers usually specify payment in crypto to keep transactions anonymous and difficult to trace.

Status: Since November, the cryptocurrency market has lost at least $1 trillion in value. Some cybercrime experts and recent reports have been optimistic that the crash and increased US government focus on the ransomware ecosystem could turn the tide against these attacks.

• The thinking goes, if crypto doesn’t have as much value, hackers might not be able to get as much money and turn to other cybercrimes.
• Some researchers and analysts have also attributed a recent drop in ransomware attacks to the crypto downturn.

The intrigue: Even with crypto’s decline, most companies are still facing the same steady number of attacks and paying up, according to retailers, incident responders and threat analysts who spoke to Axios.

• A Sophos report released in April found that 46% of companies paid ransoms in 2021, up from 32% in 2020.
• Victims mostly pay when faced with a ransomware technique known as “double extortion,” in which hackers threaten to leak corporate information stolen from the attack unless the company pays, said Drew Schmitt, an analyst at cyber consulting firm GuidePoint Security.

Between the lines: Crypto remains hackers’ best bet for pseudonymous transactions, and volatility has yet to deter them from relying on the currencies for payment.

• Ransomware gangs only rely on crypto for anonymity and easy money laundering – not because they see crypto as a good investment – ​​so the exact price of bitcoin doesn’t matter to them.
• Chester Wisniewski, a principal researcher at Sophos, says that before the crypto crash, hackers were already expecting to either lose or gain 10% in the weeks it takes them to launder ransoms through crypto exchanges.

Yes, but: Experts helping companies navigate these attacks have limited information about the broader ransomware ecosystem and whether it is truly declining or seeing an uptick.

• One example: It took analysts at least a year to determine that hackers’ double-extortion technique was a permanent part of their attacks, Wisniewski says.

Bottom line: Ransomware isn’t going anywhere.

• But defenses such as implementing two-factor authentication, limiting access to sensitive company files to a small group of employees, and reporting phishing emails make ransomware attacks much more difficult to pull off.