Would a Ban on Bitcoin Prevent Ransomware Attacks?
The rise of ransomware attacks in the past few years has shown that now more than ever, we need to increase security and prevention so these attacks don’t happen. According to the Romanian cybersecurity company Bitdefender, reported global ransomware attacks increased by 485% in 2020 compared with the previous year.
Some believe that one solution to these ransomware attacks is to put a ban on Bitcoin and other cryptocurrencies. Cyberattackers tend to request a ransom, and they are most often demanding it to be paid in Bitcoin or another cryptocurrency in exchange for the compromised data being returned intact.
Kevin Mandia, CEO of FireEye (NASDAQ: FEYE), a cybersecurity company, believes that the rise in cryptocurrency has had a direct correlation with the increase in ransomware attacks in the past few years. He says:
It’s no question it’s an enabler that you can break in anonymously and be paid anonymously, and now you can commit crime from 10,000 miles away in a safe harbor.
As a result of these attacks, the demand for cybersecurity and protection against these types of ransomware attacks has surged, which has been great news and business for these cybersecurity companies like FireEye and Crowdstrike (NASDAQ: CRWD).
However, the solution of banning Bitcoin seems a little ridiculous and isn’t going to completely solve the issue at hand.
Dmitri Alperovitch, co-founder and former chief technology officer of CrowdStrike, spoke about banning Bitcoin in a recent interview, saying:
I agree that crypto is a huge part of the problem because of the ability to receive payments anonymously, but I don’t think we should ban it. I mean, if we banned computers we would also solve the problem, but no one is suggesting that.
Alperovitch also talked about another possible resolution to the problem:
I do think that regulations on cryptocurrency — know your customer, anti-money laundering regulations to make sure that large transfers are tracked and these criminals can’t receive them anonymously — are going to be very, very important in stemming this problem.
Having some type of regulation in place that would prohibit companies from making ransomware payments in cryptocurrency could possibly decline attacks over time.
Making it illegal for companies to pay the attackers through cryptocurrency would make it harder for the attackers to extract money.
A complete ban on Bitcoin and other cryptocurrencies seem to be a far-fetched reaction to these ransomware attacks. However, making it harder to pay these criminals and give in to their demands seems like a better plan — or at least, a start to some kind of solution.
Chris Krebs, former director of the U.S. Cybersecurity and Infrastructure Security Agency, spoke in an interview with CNBC about the importance of examining the role that cryptocurrency plays in enabling cybercriminals. He said:
This is the issue that corporate executives, boards of directors, general counsels need to be thinking about right now.
Essentially, he's suggesting that if businesses and governments get involved in helping discourage cybercriminals, there's a chance that we could “disrupt these actors and make it harder for them to operate, but most importantly make them not want to play the game anymore.” Some states are already taking action to go up against these cybercriminals.
New York has prohibited private-sector businesses from paying ransoms, and North Carolina, Pennsylvania, and Texas have been working on bills that would prohibit the use of state and local taxpayer money or other public money to pay a ransom.
These bans and new legislation that would forbid businesses to work with cybercriminals are one step in some direction. If the cybercriminals have no financial incentive and aren’t rewarded through cryptocurrency or other payment, then there is no reason for them to continue to attack.
It’s still very unclear what would happen after business refuses to pay. Would an attacker just give up? Would the government step in to help the company in some way and ensure that the business is back in order?
There are a lot of details that need examining when it comes to these ransomware attacks and how to address them, but one thing is for sure: A total ban on bitcoin or cryptocurrency isn't a likely solution.
Until next time,