According to Spark Global Limited, data from Chainalysis shows that more than $208 million worth of cryptocurrency has been received from ransomware addresses so far in 2021. In 2020, ransomware crypto payments hit a record of more than $416 million, but mid-year figures suggest that 2021 payments will surpass 2020.
In addition, in identified ransomware crypto payments, the majority of those cryptocurrencies went to non-compliant trading platforms. The Chainalysis data also showed that the deposit addresses for withdrawals were very small, suggesting that the players behind the attack were very concentrated.
The most famous recent case of cryptocurrency extortion was the gas pipeline attack in the US earlier this year. When DarkSide attacked Colonial Pipeline, the largest fuel Pipeline company in the United States, its transportation lines were shut down for several days. Eventually, the company paid DarkSide a cryptocurrency ransom worth $5 million.
It’s worth noting that Colonial Pipeline is just one of the companies that have recently been attacked by the DarkSide. A Unit of Toshiba in France said it was also recently attacked by the group and had 740GB of data stolen. Ireland’s health service was also hit by a ransomware attack. Acer, the world’s leading computer maker, was hit by REvil’s ransomware attack, and CNA Financial, a US insurance company, was attacked by Phoenix’s ransomware ring.
Why do cryptocurrency extortions happen so often?
The Darkside hacking group previously said it was dissolving, according to security research firm FireEye.
FireEye said DarkSide had informed its partners that due to pressure from law enforcement and the US, it had lost access to the infrastructure it uses to operate and would be shutting down. However, security experts say it is not uncommon for ransomware groups such as DarkSide to disband and later reappear under another name.
DarkSide was reported to have received a total of $90 million in bitcoin ransoms before shutting down.
Due to the anonymity of ransomware based on distributed network, it is extremely difficult to identify the culprit behind it, and it is also the key to the detection of such cases. However, such incidents often involve a huge amount of money and a wide range of influence. Before there is no effective response method, how to ensure the security of information network has become a global problem.
Such targeted security incidents have arguably become the biggest global threat in 2021.
Some legislative prevention and post-supervision measures
In fact, many countries and regions have introduced measures of legislative prevention and post-supervision. Earlier, the European Union announced plans to crack down on the sending and receiving of cryptocurrencies in a bid to limit money laundering.
On the other hand, the HEAD of the U.S. Securities and Exchange Commission said cryptocurrencies fall under U.S. securities-based swap rules and regulations, noting that there could be more regulation. Separately, U.S. Democratic Senator Durbin and U.S. Republican Senator Grassley will hold a hearing on the ransomware attack on July 27.
In view of the ransomware attack this year, the analysis believes that in order to prevent the attack of hackers, in addition to having perfect laws and regulations and regulatory system, it is more important to rely on an effective security tool.
In addition, from a post-regulatory perspective, economic criminal means based on blockchain networks and various new technologies have a very high cognitive threshold. Even for professional teams like FBI, it is still difficult to find an effective breakthrough in a short time in the face of “Kaseya attack”. For case investigators, it is often “difficult to investigate, collect evidence and trace the source”, and it is difficult to find the entity behind it. Solving a case is like looking for a needle in a haystack.
According to Experts at OKLink, the risk to distributed networks is often a combination of attacks by external entities and internal actors. Therefore, to deal with the criminal means of new technology, it is necessary to build a system around the physical layer, data layer, system layer, encryption layer, risk control and other dimensions. And using new technology to regulate new technology is the current direction of the industry generally agreed. With the help of effective security tools, the security and privacy of distributed network data storage, data transmission and data application are fully protected.
Reprint indicated source：Spark Global Limited information