The Use of Bitcoin in Ransomware
By Del Peñano
Aug 23, 2017
Ransomware is on the rise, and whether we are consumers or businesses, any of us can become a victim of this very common malware. Today, I will provide insights on five key points about Bitcoin, since that is how most, if not all, ransoms are paid.
But first, let’s define ransomware. Its main purpose is to extort money, payable in Bitcoin in most cases. The perpetrators inject malware that either encrypts files or denies access to one’s computer or server until a ransom is paid in exchange for a decryption key, which gives the user back access to their own files or system. It’s also important to note that there’s no guarantee that the victim of a ransomware attack will get the decryption key after paying a ransom, and cyber thieves may come back a few months later demanding a ransom again. It’s also important to state that some organizations choose not to pay the ransom. They are able to do that because they have other means in place, like additional servers where they back up their important data to the cloud; therefore, they are not forced to pay.
As I stated earlier, victims of ransomware are extorted for money, in this case a digital currency like Bitcoin, a form of cryptocurrency.
## Top Five things to know about Bitcoin:
Anonymous - All parties can transact without known identities, since Bitcoin addresses are not tied to the identity of users. It’s important to note that one is not completely anonymous when using Bitcoin: Bitcoin addresses can still be linked to actual identities if real names/identities are used when one deposits or withdraws money to or from an exchange/digital wallet. Doing so broadcasts the address where the money came from, and the identity behind it is revealed. This can even happen with online stores that accept Bitcoin. These top companies accept Bitcoin. One way to maintain anonymity is to use [TOR](https://en.wikipedia.org/wiki/Tor_(anonymity_network)), which is a browser for anonymous communication or hiding one’s IP address.
Trading - The ability to buy either offline or online. Be sure to do your research on these exchanges that buy and sell Bitcoin. Most charge an exchange fee and some transactions have been known to fail, so there may be some risk.
Blockchain - “This is a peer-to-peer distributed ledger technology for a new generation of transactional applications that establishes trust, accountability and transparency while streamlining business processes. Think of it as an operating system for interactions.” -Jim Zemlin, executive director of the Linux Foundation. In layman’s terms, think of it as a public spreadsheet or ledger that anybody can add a row of information to, but in which nobody can update or delete anything. There is, of course, coding, which is encryption on the back end, happening with this technology.
Criminal Activity - As you probably can tell by now, Bitcoin can be popular with criminals, from drug trafficking to money laundering and everything in between. There are several so-called “dark websites,” which have been shut down by authorities. These dark websites are known to accept Bitcoin.
Merchant Acceptance of Bitcoin - Since 2015, more merchants have accepted Bitcoin as a form of payment, charging fees from zero to two percent, which is better compared to credit card processors, who charge 2%-3%. Here is a list of some of the merchants that accept Bitcoins: PayPal, WordPress.com, Overstock.com, Microsoft, Virgin Galactic, Expedia and Zynga (as mentioned above).
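The point made under “Anonymous”, that an address on the public ledger becomes linkable to a person once funds reach an exchange account opened under a real identity, can be shown on a small ledger. This is an added example, not part of the original post: the ledger, the addresses, the `KNOWN_OWNERS` table and the `trace_funds` helper are all constructed for illustration, and the account-style ledger is a simplification of Bitcoin’s real transaction model.

```python
from collections import deque

# Constructed sample ledger: (txid, from_address, to_address, amount_btc).
# All addresses and names are made up; real Bitcoin uses a UTXO model, which
# this simplified account-style view only approximates.
LEDGER = [
    ("tx1", "victim_wallet", "ransom_addr", 0.50),
    ("tx2", "ransom_addr", "hop_a", 0.30),
    ("tx3", "ransom_addr", "hop_b", 0.20),
    ("tx4", "hop_a", "exchange_deposit_17", 0.30),
    ("tx5", "hop_b", "hop_c", 0.20),
    ("tx6", "unrelated_1", "unrelated_2", 1.00),
]

# Hypothetical attribution data: addresses an exchange has tied to a verified
# customer account (the deposit/withdrawal case the article describes).
KNOWN_OWNERS = {"exchange_deposit_17": "ExampleExchange account #4821"}


def trace_funds(ledger, start, known_owners, max_hops=10):
    """Follow payments forward from `start`; return attributed endpoints.

    Each result is (address, owner, path), where path is the list of txids
    leading from `start` to the attributed address.
    """
    outgoing = {}
    for txid, src, dst, _amount in ledger:
        outgoing.setdefault(src, []).append((txid, dst))

    hits, seen = [], {start}
    queue = deque([(start, [])])
    while queue:
        addr, path = queue.popleft()
        if addr in known_owners:
            hits.append((addr, known_owners[addr], path))
            continue  # stop at the attributed address
        if len(path) >= max_hops:
            continue  # hop budget spent; do not follow further
        for txid, dst in outgoing.get(addr, []):
            if dst not in seen:
                seen.add(dst)
                queue.append((dst, path + [txid]))
    return hits


if __name__ == "__main__":
    for addr, owner, path in trace_funds(LEDGER, "ransom_addr", KNOWN_OWNERS):
        print(f"{addr} -> {owner} via {' > '.join(path)}")
```

Because every row of the ledger is public, anyone can run this kind of forward trace; what turns an address into a name is the attribution table held by the exchange.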
In conclusion, here are some best practices to help mitigate cyberthreats:
- Be sure to update your security-software patches on a regular basis.
- Be sure to have at least three backups: local, external and remote (cloud).
- Be sure not to open unknown email attachments or click links in spam emails.
- Be sure to have a cloud-enabled network protection service, which can protect businesses from threats such as malware, ransomware, network intrusions, data leaks and DDoS attacks.
Given the rise in ransomware and other malware attacks, it’s of the utmost importance to follow the fundamentals of protecting your data and network as listed above. Call Jungle Disk today to learn about our Data Security Suite at 1-888-601-0401 or take a network test here.