December 8, 2013 6:37 pm

Bitcoin fuelling rise in cyberattack ransom demands


Bitcoin has fuelled a surge in the number of cyberattacks where computers and personal data are held hostage in return for ransoms paid in the almost-anonymous virtual currency.

Ransomware attacks, where hackers encrypt computer data so it cannot be accessed until they receive a payment, have risen more than ten-fold in the past two and a half years, according to data from security company McAfee.

There were over 300,000 known incidents in the last quarter. Deprived of the use of their computer and important files and with little recourse to the law, victims often feel forced to pay the attackers the hundreds of dollars that they demand to unlock the data.

Cyberattackers prefer to demand ransoms in Bitcoin because it is much harder to trace than credit card payments in conventional currencies. Using Bitcoin is the online equivalent of leaving a suitcase full of cash in a park, with the added advantage that its soaring price – rising above $1,000 last week – gives criminals an extra way to profit from the attacks.

Mikko Hypponen, chief research officer of F-Secure, a cybersecurity company, said the Cryptolocker ransomware had become a “major headache” with fresh victims emerging all over the world.

“Companies have been infected and it doesn’t just encrypt the hard drive, but every file a computer can access on a local network,” he said.

Hackers used to demand payment vouchers such as MoneyPak or PaySafe or even iTunes gift cards which they then resold. but ransomware is becoming much more popular now they can use Bitcoin. The virtual currency is anonymous, at least until it is exchanged for conventional money.

The cybercrime unit of the UK’s National Crime Agency warned last month that a mass spam email campaign was targeting small and medium-sized business, luring them to click on email attachments which infect their networks with the Cryptolocker ransomware.

In the US, a Massachusetts police department was reported to have paid $750 in Bitcoin to recover images and documents after it was infected with the same malware. It paid the ransom despite a recommendation from the US computer emergency readiness team that victims use a security expert to remove the ransomware. The Swansea police department did not respond to a request for comment.

Raj Samani, McAfee’s chief technology officer for Europe, Middle East and Africa, said cybercriminals no longer needed to be technologically capable as the ransomware was available to buy as a kit online. He said there was now a “rich and varied marketplace” which was moving crime online.

“It is an evolution of crime, with more and more people migrating over to this as it is physically safe, considerably easier and harder to enforce,” he said.

Bitcoin’s anonymity has made it a preferred currency for people buying drugs over the internet, as on the Silk Road website which was shut down by the FBI earlier this year. It has also spurred on other types of cybercrime such as theft of bitcoins, which are simply long codes, and Bitcoin mining, where the processing power of hacked computers is harnessed to maintain the public ledger of bitcoins in return for payment in the currency.

But Bitcoin is gaining legitimacy, with Ben Bernanke, chairman of the Federal Reserve, writing last month that virtual currencies hold “long term promise” for innovation in finance and Silicon Valley companies aspiring to use it as the basis of a low-cost alternative financial system.

Related Topics

Copyright The Financial Times Limited 2015. You may share using our article tools.
Please don't cut articles from and redistribute by email or post to the web.


Sign up for email briefings to stay up to date on topics you are interested in