Earlier today the news started coming out that the US will start treating ransomware on par with terrorism. This is in the wake of a string of catastrophic attacks, not only ransomware but also several supply chain attacks.
There is some concern within crypto-currency circles that this may turn into a new FUD-cycle for Bitcoin. There is already no shortage of lo-res intellects calling for a ban on Bitcoin and crypto-currencies, thinking that even if cryptos could be banned (they can’t) that it would eliminate the problem of ransomware (it wouldn’t).
Ransomware attacks are neither enabled nor incentivized by the existence of Bitcoin alone. They are made possible by lousy software and bad security practices and exploited because they can be. Said differently, if Bitcoin didn’t exist, ransomware attacks would still occur, being driven by the security weaknesses that enable them.
I’ve been covering the ransomware beat over on AxisOfEasy for a couple of years now and one recurring theme that runs through a vast majority of ransomware attacks is (wait for it…) Microsoft software. Windows Servers are generally garbage and MS Exchange specifically is a disaster.
A more effective path toward ridding the world of ransomware would actually be to eliminate Microsoft.
The other common theme among nearly all system compromises is poor security posture. Employees aren’t adequately trained to spot phishing attacks (the most common attack vector in all ransomware attacks), and ops teams let their guard down.
Once the post-mortem of the now infamous Solarwinds supply-chain attack was in, it turned out that a password to a code repository had been set to “solarwinds123”, and then published to their Github. Solarwinds deftly threw an intern under the bus and then pulled the “Blame Russia” card out of their back pocket.
I’ve been a sysop, and I know how hard that gig is. I’m also a CEO who’s company has been hit with a security breach (one that made the evening news). It’s not fun.
There is really only one productive response to dealing with a security breach and that is to take responsibility and then up your game. That has to happen individually, and I think any company who’s number comes up probably (hopefully) does that.
But it also has to happen collectively.
When you look at the common attack vectors that lead to ransomware infections, they are all preventable and could be greatly reduced through a modicum of security training. In this day and age we should be teaching our kids this stuff in school (instead of turning their minds into mush with CRT and Common Core).
Actually, Bitcoin solves this…
Alas, in the age we live in it’s quite typical to think in magical prescriptive terms, like that a ban on Bitcoin would actually eliminate ransomware. Beyond the usual institutional blindness to second-order effects, this idea goes even further. It makes the case that you can eliminate a cause by banning an effect.
It misunderstands the role that Bitcoin plays in the ransomware calculus. Bitcoin is just a value transfer medium. If it didn’t exist or was banned, the perpetrators (the actual criminals launching the attacks) would simply choose some other value transfer medium to exert their leverage.
It may not even be monetary. They could force a company to change a policy or pull a product. Cancel a show. Acquire a competitor or divest out of some market.
They could go full Black Mirror, episode #1.
If you think about it that way, maybe it’s better that they just want Bitcoin. It could be preferable to the alternatives. Further, the market is catching up to the technology in terms forensic analysis.
There are companies like Chainalysis (and here in Canada, BIGG Digital, who we own in our Crypto Capitalist Portfolio) that provide forensic analysis on blockchain data. Ransomware gangs do get busted and those guys go to prison. This is all just the new world of police work and there’s always smart people and forward thinking companies on the other side of the battle against the next generation of criminality.
There’s another second order effect to Bitcoin existing that will also help ameliorate the ransomware problem, it’s this:
When people become HODL-ers, they begin to take their own security more seriously. They’re have to, because cryptos are still very much the wild west and that’s a good thing. People have to take responsibility for their own keys, their own coins and they have to do their own diligence. That forces them to be more security minded and thus less susceptible to the kinds of attack vectors that lead to ransomware infections.
So the more people hold Bitcoin and cryptos in general, the fewer will be easy vectors for introducing breaches into their organizations.
Banning Bitcoin would accomplish nothing beyond not achieving the stated goal of reducing ransomware. It would only succeed in criminalizing honest people without having any lasting effect on the criminal element that undertake these attacks.