The ransomware epidemic continues to grab headlines and shows no signs of slowing down. The Lockbit ransomware gang, along with many other major gangs, have now formed a “cybercrime cartel” that threatens to take ransomware to the next level.
Cryptocurrency is one of the main factors fuelling this crisis, in more ways than most of us realize.
Obviously, on the surface, cryptocurrencies like Bitcoin make it possible for hackers to demand ransom payments over the internet without any banks or intermediaries who could reverse the payments or reveal the identity of the recipients. However, cryptocurrency has also enabled hackers to collaborate in ways never before imagined.
A Whole New World
In the past, hackers would develop and market tools and programs for use by other hackers, but the scale of this business faced serious limitations. There were two options for transferring cash— making some kind of transfer via a bank or 3rd party service like PayPal or meeting in person.
Both options require compromising anonymity, which is something that most cybercriminals are not willing to do.
Cryptocurrency changed all of that, and the market is just now starting to realize the potential. In many ways, cryptocurrency has democratized finance by putting capabilities that were once exclusive to Wall Street in the hands of everyone. The downside of this is that hackers now have these capabilities, too.
Ransomware-as-a-Service
One of the most significant developments to come out of this new economy is ransomware-as-a-service (RaaS). Some hackers specialize in designing software that can circumvent the latest antivirus software, and then “license” it out to “franchises.”
There’s actually a very competitive recruiting market, with different RaaS outfits offering bonuses and incentives to attract hackers to work with them. The software is maintained and supervised by the RaaS team, who take a percentage of whatever ransom their franchises can extort from victims.
This allows increased efficiency among hackers, and as they earn profits, they have more money to hire staff and further improve their software, in a vicious cycle. In addition, payroll can be managed for a decentralized team via cryptocurrency, allowing more hackers to join forces in a single organization than ever before possible.
The Lockbit ransomware gang, for example, has a sophisticated administrative dashboard that generates new samples of the software, published blog posts, and includes statistical and analytic features for improving the success of their attacks.
Criminal Silicon Valley
Licensing out software is not the only similarity between legitimate software development and the new underground ransomware community. It’s well known that developing quality software can be a capital-intensive venture, and hackers have several infrastructure expenses like server costs.
Now hackers have organized their own kind of venture capital. Investors can browse the resumes of hackers and purchase shares in new ransomware operations, raking in profits if the software works as it’s supposed to.
Like the actual Silicon Valley, there are also competitions to spur innovation. For example, a Russian language hacking forum recently sponsored a contest where hackers produced technical papers about breaking into different systems, with over $100,000 in prizes distributed to the winners.
Organized Money Laundering
Of course, criminals also need to find new ways to use their ill-gotten gains without getting caught. In 2017, the online cryptocurrency exchange BTC-e was fined $110 million for facilitating the exchange of a considerable amount of stolen Bitcoin for Litecoin.
The purchase of all of this Litecoin resulted in a massive surge in the market price of Litecoin, showing that ransomware outfits are growing so big that they can move markets.
A Growing Threat
Cybercrime was already a huge problem for the global economy, but it is set to compound even more with these new methods and capabilities. A number of measures are underway by governments, but there’s not much they can do to solve the problem on their own.
Much of the responsibility for countering this growing threat falls on the shoulders of private businesses and institutions, who are the most common victims of ransomware. As a result, cybersecurity, along with technological literacy, is becoming increasingly fundamental to modern life.
Author Bio
Jeff Stout is a cybersecurity consultant. His work brings him into contact with ransomware and ransomware hackers on a daily basis.