Cryptocurrency Ransomware Payments Rose by 300% Last Year – The Tokenist

Neither the author, Tim Fries, nor this website, The Tokenist, provide financial advice. Please consult ourwebsite policyprior to making financial decisions.

Over the past year and a half, crypto-ransomware attacks have surged by over 300%, a recent report by Chainalysis reveals. Attacks have shown no signs of slackening in 2021, forcing the US Department of the Treasurys Office of Foreign Assets Control (OFAC) to take additional measures.

OFAC has issued an updated advisory, highlighting the sanctions risks associated with making ransomware payments, as well as suggesting some remedies to deter future cyber-extortion attacks.

Ransomware has evolved into a sophisticated and aggressive form of malware, shutting the networks and systems down unless corporations agree to pay the requested ransom.

Recent ransomware attacks have shut down public transportation, taken down the largest fuel pipeline in the US, and have stolen the personal data of more than 40 million people, to name a few. Moreover, a look at data by a ransomware tracker reveals that over 20 major cyber-attacks take place each month.

To address these rising issues, the OFAC has updated its ransomware advisory. Here are three key updates:

The updated advisory notes that meaningful steps are taken to reduce the risk of extortion and will be considered a significant mitigating factor in any OFAC enforcement response. The report adds:

Such steps could include maintaining offline backups of data, developing incident response plans, instituting cybersecurity training, regularly updating antivirus and anti-malware software, and employing authentication protocols, among others.

Nevertheless, data by Chainalysis shows that ransomware payments have crossed $400 million, rising by over 300% from 2019 to 2020. Moreover, Chainalysis claims ransomware attackers are not slowing down in 2021.

As crypto-ransomware attacks reach new peaks with each passing day and officials from everywhere underscore the need for additional security measures, it turns out that Bitcoin ATMs are stacked with numerous vulnerabilities.

A recent study by Kraken Security Labs unveils that a specific model of Bitcoin ATMs, dubbed The General Bytes BATMtwo (GBBATM2), possesses multiple hardware and software vulnerabilities. The report said:

Multiple attack vectors were found through the default administrative QR code, the Android operating software, the ATM management system and even the hardware case of the machine.

Firstly, the study revealed that multiple ATMs contain a hash of a default factory setting administration key, meaning that many GBBATM2 owners havent changed the default admin QR code. This implies that if one manages to get his hands on the Administration Key QR-code, they can take over all the ATMs that havent changed that default code.

Further, the GBBATM2 container is only protected by a single tubular lock and has no local or server-side alarm to inform others when internal components are exposed. Therefore, it is relatively easy to access the full interior hardware of the device.

Moreover, the GBBATM2s Android operating system has very poor security features, making it pretty easy to gain direct access to the full Android UI. The ATMs also lack firmware and software verification functionalities.

Considering that the crypto ATM market is poised to see massive growth in the near future, such issues need to be addressed with more seriousness so that it doesnt open a potential loophole for exploiters.

Finance is changing.

Learn how, with Five Minute Finance.

A weekly newsletter that covers the big trends in FinTech and Decentralized Finance.

Awesome

Youve subscribed.

Youre well on your way to being in the know.

Do you think crypto regulations would help slow down ransomware attacks? Let us know in the comments below.

About the author

Tim Fries is the cofounder of The Tokenist. He has a B. Sc. in Mechanical Engineering from the University of Michigan, and an MBA from the University of Chicago Booth School of Business. Tim served as a Senior Associate on the investment team at RW Baird's US Private Equity division, and is also the co-founder of Protective Technologies Capital, an investment firms specializing in sensing, protection and control solutions.

View original post here:
Cryptocurrency Ransomware Payments Rose by 300% Last Year - The Tokenist