The NSA tool-derived WannaCry ransomware was used to carry out the largest ransomware attack in history, affecting well more than 100,000 computers across 99 countries. Over the course of the attack, the majority of mainstream media outlets in the US continued to emphasize the involvement of bitcoin in the attack, rather than the utilization of the NSA tool which was developed using taxpayers’ money.
Bitcoin is the lifeline of ransomware. Without cryptocurrencies such as Bitcoin and Monero, it is not possible to accept digital ransom payments without being flagged by various Know Your Customer (KYC) and Anti-Money Laundering (AML) systems. However, the US dollar and cash, in general, are also lifelines of illicit drug trading, prostitution, money laundering and other criminal acts that inflict far more serious financial damages than ransomware attacks.
Prior to the release of Microsoft president and chief legal officer Brad Smith’s blog post entitled “The need for urgent collective action to keep people safe online: Lessons from last week’s cyberattack,” in which he explicitly explained that the WannaCry ransomware derived from a tool developed by the National Security Agency (NSA) of the US, many mainstream media outlets offered rather impractical coverage on the issue by addressing the presence of bitcoin instead of the utilization of the NSA tool.
The coverage of media outlets such as New York Times and Bloomberg should be considered impractical because it drifted away from the actual issue that is the US law enforcement using taxpayers’ money to develop malware that do not necessarily benefit anyone in the process and established a target on bitcoin which had minimal impact on the entire situation, if any.
On May 15 for instance, Bloomberg spoke with CFR Director of Digital and Cyberspace Policy Program Adam Segal, who persistently went on to criticize bitcoin’s role in the WannaCry ransomware attack. But, as Bitcoin and security expert Andreas Antonopoulos explained, when initiating investigations into drug trafficking, law enforcement focuses on finding the origin of the drugs and the masterminds behind the distribution process, rather than which financial method was used to incentivize the distributors.
Blaming bitcoin for ransomware is exactly like blaming the duffel bag full of cash for a kidnapping.
To further understand the mindset of the mainstream media and journalists blaming the utilization of bitcoin for the global WannaCry ransomware attack, it is important to consider their perception and knowledge of bitcoin. Many journalists have a fundamental misconception that bitcoin is anonymous. A New York Times article on the issue read:
“Bitcoin has given cybercriminals an easy and anonymous way to get their profits, and it is much harder to track than credit cards or wire transfers.”
However, New York Times journalist Nicole Perlroth directly contradicted his claims and the entire article’s position on the matter when he wrote this passage on the same article:
“As of Saturday afternoon, several Bitcoin accounts associated with the ransomware had received the equivalent of $33,000, according to Elliptic, a firm that tracks online financial transactions involving virtual currencies. And the number could grow.”
It is still unclear as to why Perlroth used the term “several” when exactly three bitcoin addresses were hard-coded to the ransomware. Also, in the previous paragraphs, the New York Times article described bitcoin as an anonymous cyber crime money. In the last few paragraphs, the article discussed in-depth as to how a bitcoin startup is untangling startups using the public blockchain to trace bitcoin payments of the accounts of the criminals.
If bitcoin wallets can be traced and ultimately pinged when they’re used in bitcoin exchanges, bitcoin isn’t anonymous in nature. Hence, the entire proposition on bitcoin is fueling ransomware attacks is off-based.
Most importantly, as Microsoft president Brad Smith noted, the focus should be set on the NSA tool used by the ransomware. Smith wrote:
“The WannaCrypt exploits used in the attack were drawn from the exploits stolen from the National Security Agency, or NSA, in the United States. That theft was publicly reported earlier this year. A month prior, on March 14, Microsoft had released a security update to patch this vulnerability and protect our customers.”
Featured image from Shutterstock.