Companies are hoarding bitcoin to protect against future “ransomware” attacks, reports NBC News as WannaCrypt ransomers have profited over $80,000, according to blockchain analytics firm Chainalysis.
“It’s one of the tools in their pockets,” according to cybersecurity and Bitcoin expert Florin Lazurca, the senior technical marketing manager for security at Citrix Systems. “It’s one of the things where you might be trying to cover all your bases, and so it lets you still recover your data and network.”
Citrix conjectures approximately one-third of U.K. companies purchased digital currency in 2016 in order to “regain access to important intellectual property or business-critical data.” Citrix also found most of the companies fail to back up their data daily, a security breach.
“Part of the everyday ransomware demand is Bitcoin because it’s easy to get and it’s the currency of choice for the criminal underground,” according to cyber insurer Bob Wice, Beazley Group’s U.S. leader of technology, media, and business services.
“I’ve often heard expressed that intelligence agencies and law enforcement act on a reactive basis,” said Dr. Simon Moores, Britain’s former technology ambassador and chairman of the annual international e-Crime Congress. “Once it’s into your system, there’s not much they can do about it.”
He added: “It’s all well and good to catch up to the actors and prosecute them, but that doesn’t help you if you happen to be a financial institution or business and data is mission-critical.”
Thousands of computers were affected by WannaCrypt in China and Japan before the attack spread across the world. Security researchers from across the world were able to reverse engineer the malware very quickly.
In its analysis of the WannaCrypt ransomware bug, Redsocks notes the three bitcoin payment addresses hard-coded into the coding. Thanks to the transparent nature of bitcoin’s blockchain, the history of the digital currency’s transaction is public.
Thus, we perhaps know the pirate’s booty. As of Sunday, the addresses known had received 100 payments for approximately 15 bitcoins. At press time, that represents approximately $US26,148.
The co-founder and lead investigator of Elliptic, Tom Robinson, estimates that the hackers have procured $41,000 due to WannaCrypt.
By now you’ve probably seen the images. Messages displayed on NHS computers and others circulated on social media. The WannaCrypt hackers generally ask for $300-$600 to be sent to one of three bitcoin addresses.
The addresses, hardcoded into the malware, can be watched by a Twitter bot set up by Quartz staff that can be seen at @actual_ransom.
It’s surprising that, in what’s being called the worst ransomware outbreak to date, not yet $100,000 has been earned.
Featured image from Shutterstock.