Can Ransomware Attacks Be Cryptocurrency Price Signals?
Which cryptocurrencies are likely to be affected by the ransomware crisis, and how to spot possible ransomware-driven price moves.
Paying attention to ransomware news may be able to provide some insight into cryptocurrency price moves. Everyone knows ransomware attacks are getting worse, but how and why are they getting worse, and what impact will it have on cryptocurrency markets?
This article will provide some background on recent developments in ransomware, and what it means for the cryptocurrency markets.
Ransomware is Getting Serious
Ransomware operations used to be relatively rag-tag operations. Hackers would send out masses of email spam, and whoever was foolish enough to open a malicious attachment got their files locked. The only way to decrypt them was to hand over some Bitcoin.
Ransomware existed before Bitcoin, but the rise of the internet of money gave a massive boost to ransomware hackers. Not only did it allow them to make more money— but it also enabled buying and selling services on the dark web.
This made possible an unheard of level of coordination between hackers. They could much more easily sell and develop software, exploits, and even subcontract out work on a commission basis. This led to the rise of “ransomware-as-a-service,” highly specialized software capable of evading anti-virus protection.
This specialized software meant that other hackers could devote all of their time to become experts in breaking into networks and delivering the ransomware. Hackers might spend months gathering intelligence and executing complex, multi-level attacks.
Tactics include gaining access to the email addresses of executives and then using them to trick certain employees into clicking links. In this way, hackers are able to encrypt the entire file systems of huge companies and gain access to sensitive data.
Hackers have also turned towards extorting money by threatening to release confidential information; health care providers and law firms are favorite targets for this kind of attack.
Ransom Demands are Getting Bigger
As attacks get more targeted and sophisticated, the average ransom size keeps going up. The average ransom demand increased by an estimated 80% between 2019 and 2020.
In the last two years, ransomware victims paid several ransoms of over $10 million dollars. The not-so-enviable distinction of paying the largest ransomware ransom ever goes to CNA financial, who paid an eye-watering $40 million dollar ransom.
Of course, making a $40 million dollar Bitcoin buy officially qualifies you as a whale. In a huge market like Bitcoin, buys of this scale can definitely have an impact on price, but it’s not likely to be more than a few percent, under normal circumstances.
Collectively, however, dozens or hundreds of ransomware victims buying at the same time could definitely put on upward price pressure. There’s also a good chance that ransomware hackers will keep getting better, and figuring out ways to do more damage so they can demand bigger ransoms.
Increasing Heat on the Hackers
The Colonial pipeline attack was not the biggest ransom ever paid, but it has some of the biggest implications. The shutdown of the pipeline caused fuel shortages across the East coast of the United States, raising awareness about ransomware’s potential to affect critical infrastructure.
This led to a major backlash from law enforcement. The FBI went after the hackers (who were apparently dumb enough to use hot wallets for the ransom) and seized some of the servers used by the hackers, along with over $2 million worth of the ransom.
At the same time, some ransomware gangs mysteriously went dark. This may be an indication that either some government agency like the NSA is striking bad with digital countermeasures, or that hackers, scared by the increased press, are retiring,
Some of the major Russian language forums that hackers used to market their goods and services (including RaaS developers) also suddenly announced they would no longer allow ransomware services to advertise in their marketplaces.
As more heat comes on ransomware, hackers are moving to improve their security. Email communication used to be the norm for hacker-victim communications. Not so anymore; hackers increasingly rely on the dedicated dark web “customer service” interfaces which are harder to trace.
Adoption of Privacy Coins
Among the security measures gaining popularity with hackers is the use of anonymous cryptocurrencies, most notably Monero (XMR). A number of RaaS operations have transitioned to Monero, going as far as to offer a 10% discount on ransoms paid in Monero.
Monero is currently the most widely used privacy coin, beating out competitors like Dash and Zcash. When the ransomware gang “REvil” hit computer manufacturer Acer in 2021, they demanded $50 million dollars worth of Monero.
Acer did not pay up, but if they had, you can be sure it would have had a major impact on the price of XMR.
How to Spot Ransomware Attacks
The tell-tale sign of a major ransomware attack is when a major company goes offline or stops operations without explanation. This was the case with the recent JBS attack; the company stopped distributing meat, leading to a meat shortage in many areas. Later, it was confirmed that it was a ransomware attack.
There’s no way to know for sure if a company will pay, but if the ransomware gang behind the attack is known, it is possible to verify if they are one of the gangs that use Monero. However, ransomware victims may not pay in Monero in every case— some companies have Bitcoin reserves, so may opt to pay in Bitcoin directly.
It’s hard to believe that a company would throw away tens or hundreds of thousands of dollars to pay in Bitcoin, though, when they can just jump on an exchange and buy some Monero.
The Future Outlook
It doesn’t seem like ransomware is going away any time soon. The COVID pandemic has caused more businesses to move online than ever before, multiplying the number of attack vectors for hackers. At the same time, cybersecurity awareness has not at all caught up to this new reality.
If this trend of hackers moving towards privacy coins continues, it’s certain to have a big impact on the cryptocurrency markets. It’s estimated that victims paid $18 billion dollars in ransoms in 2020, a significant increase over the previous year.
We can’t really call this good news, but it certainly is bullish for the cryptocurrency market.
This article has been published in accordance with Socialnomics’ disclosure policy.
