Earlier this summer, the world's largest meat processor, JBS, announced that it paid $11 million in Bitcoin after a cyber attack forced the shutdown of its plants in the U.S., Canada and Australia. This attack was followed by the news that the Justice Department recovered some $2.3 million in cryptocurrency ransom paid by Colonial Pipeline Co, cracking down on hackers who launched the most disruptive U.S. cyberattack on record.
So, why has Bitcoin become so popular in ransomware attacks?
Bitcoin is Still the “King of Crypto”
In terms of market cap and number of users, Bitcoin reigns supreme in the cryptocurrency ecosystem. For now, crypto is also the digital equivalent of a “suitcase of unmarked $100 bills.”
The traditional financial system is a walled garden. To enter, one needs to have their identity verified by a regulated financial institution, a process known as Know Your Customer (KYC), and pass checks against exclusion lists (terrorism, drugs, money laundering, etc.). Additionally, most jurisdictions have been clamping down on cash transactions, which makes it extremely difficult for bad actors to move large sums of ransom money and then make it disappear without a trace.
Crypto, on the other hand, was originally created as an alternative to the financial system, and one of the principles behind its creation was anonymity. Crypto transactions are executed between blockchain addresses, which are not originally linked 1:1 to the identity of a specific entity and/or person. Although many jurisdictions have started requiring providers (like exchanges) to perform KYC checks, some still don’t, and enforcement is still fairly weak. The result is that many user wallets are still anonymous.
Additionally, crypto transactions are irreversible and much faster than ‘traditional money’ transactions, and there are no intermediaries in the crypto system to stop a transaction or to lock an account. Taken together, it becomes clear why it is easier to hide and move around ransom money in crypto.
Crypto Regulation Could Make A Difference
More and more regulators are requiring KYC and AML (Anti-Money Laundering) checks and balances, and most financial institutions today require verification of the ‘cleanliness’ of money originating from crypto (checking the crypto path from origination to destination). As a result, it’s getting harder and harder to get rid of dirty money, even if it originates in cryptocurrency. In addition, as the volume of institutional money and investment in crypto continues to increase, legitimate use and wallets will also grow.
The more KYC/AML checks are required and enforced, the more the magnitude of the problem will decrease.
However, legislation will not solve the inherent issue of the lack of intermediaries in the crypto environment (at least for existing blockchains), since these are based on decentralized blockchains. So, even when law enforcement identifies a suspected address, it is nearly impossible (barring very special situations) to seize these funds or prevent their movement elsewhere.