The first known ransomware attack was distributed via 20,000 floppy disks sent to attendees of a medical conference in 1989. Back then, victims were asked to send $189 to a PO Box in Panama if they wanted to decrypt their computers. And perhaps unsurprisingly, authorities soon discovered the scheme’s perpetrator and arrested him for blackmail.
But in the years since, malicious actors have adapted both their distribution methods and their means of extortion. Today, hackers leverage the internet to access a global network of potential victims, and they almost always demand ransom payments in cryptocurrency.
Since 1989, the invention of digital money has advanced the field of cyber extortion more than any other technology.
In the late nineties and early noughties, services like Liberty Reserve and e-gold allowed hackers to receive ransom payments anonymously, but law enforcement ultimately forced the closure of both by targeting the companies that operated them.
With the advent of Bitcoin in 2009, however, digital blackmailers finally had an anonymous payment method that authorities couldn’t shut down.
More than a decade later, hackers still favor Bitcoin as their primary method of collecting blackmail payments, which cost businesses millions of dollars each year.
In the largest disclosed payment, CNA Financial paid BTC worth $40M to recover files corrupted by ransomware. According to a Sophos survey of 3,000 cybersecurity leaders, the mean ransomware payment in 2023 was $1.54M.
Traditionally, authorities in the US have advised businesses not to cave to cyber criminals’ ransom demands. And now, apparently hoping to lead by example, the government has convened a 40-country alliance, pledging never to pay ransom to cybercriminals.
Parties to the agreement will also work together to share information, including creating a blacklist of crypto wallets known to have received payments from extortion, deputy national security adviser Anne Neuberger said on Tuesday, October 31.
Of course, the rising threat posed by ransomware isn’t the only reason the government has increased its surveillance of crypto transactions.
Citing national security concerns over the use of crypto by various terrorist and criminal organizations, the Financial Crimes Enforcement Network (FinCEN) recently moved to restrict the use of cryptocurrency mixers. The latest sanctions point to an emerging global security paradigm that makes transacting anonymously more difficult.
Certainly, efforts to deanonymize crypto wallets have borne fruit for many law enforcement agencies around the world.
For example, on Tuesday, October 31, Taiwanese police announced the arrest of four men in relation to the “largest virtual currency money laundering syndicate” ever discovered in the country. A single crypto wallet controlled by one of the men handled $320M in USDT, the police report said.