Will cryptocurrencies fund more cyberattacks in the future?
The future of cryptocurrencies is still uncertain in most countries around the world — although Asia is particularly obsessed with crypto.
Despite increasing adoption and interest in cryptocurrencies, several countries have already begun looking to implement more regulations on the usage of crypto.
In Asia, China has already imposed a ban on crypto trading while India is also looking to tighten crypto regulations. Over in Australia, the adoption of crypto is slowly increasing while in Singapore, regulators are closely monitoring crypto exchanges for any illicit activities as well.
Part of the reason why cryptocurrencies have an uncertain future is that the funds are being increasingly used for the wrong reasons.
Put simply, cybercriminals are leveraging cryptocurrencies in getting paid for ransomware attacks on organizations.
According to cybersecurity predictions by Palo Alto Networks, the meteoric rise of bitcoin will create a well-funded adversary. Over the past year, the APAC region has seen a variety of cyberattacks, but the one that has truly risen in prominence is ransomware attacks.
The 2021 Unit 42 Ransomware Threat Report revealed that the average ransom paid by an organization in the first half of 2021 was US$570,000, which is an 82% increase from the year before. This demonstrates how cybercriminals continue to profit and dominate the cyber threat landscape.
But what’s more concerning is the use of cryptocurrency to fuel the ransomware economy. For example, despite its volatility, bitcoin’s value is anticipated to continue rising. It reached a new all-time high in October, and some experts expect the coin’s value to hit $100,000 by early 2022.
Furthermore, the decentralized nature of cryptocurrency offers attackers anonymity and protection of their identities. As the currency is not tied to any central bank or financial institution, it makes it hard for regulators to trace back to the criminals.
Cybercriminals can move their illegitimate proceeds across countries without detection and engage in money laundering to further fuel illicit activities. Viewed through this lens, cryptocurrency has become a vehicle for cybercriminals to supercharge their unlawful deeds.
With the future value of cryptocurrency expected to reach greater heights, it is not surprising that it also signals further growth and evolution of cybercrime. Cybercriminals who have received ransom payments in cryptocurrency will have more funds and resources to launch bigger attacks on critical infrastructure. Beyond monetary loss for businesses, the systems and services that entire populations depend on could be crippled.
“We can also expect cybercriminals to take data exploitation to the next level. Attackers are now launching “shameware” attacks, which double extortion in ransomware campaigns, in a bid to inflict lasting reputational damage on targets who do not accede to their ransom demands. The emergence of double extortion tactics points toward how attackers plan to take confidential information public. We will also see quadruple extortion tactics coming to the forefront, as threat attackers add pressure points to coerce their victims into paying up,” said David Rajoo, Country SE Head, Cybersecurity Engineering at Palo Alto Networks.
Cybersecurity, cryptocurrencies and the future
While countries are expected to impose some regulations on cryptocurrencies in the future, this may not be a hindrance for cybercriminals. In fact, they may take it as a challenge and target more organizations, demanding higher ransoms in crypto or even launch attacks on crypto exchanges as well.
“As a first step, organizations can improve their cybersecurity posture by undertaking a Ransomware Readiness Assessment to determine their level of preparedness for an attack or run tabletop exercises to identify any security gaps that need to be addressed,” commented David.
He added that organizations should tackle the root of the problem by adopting a prevention-based approach to cybersecurity. This includes examining how to reduce the attack surface and building capabilities that prevent both known and unknown threats are essential. As attackers’ techniques become more sophisticated, he felt that organizations should include AI and other new technologies as part of their arsenals. Correlation capabilities that provide continuous validation of authorized use and accurate detection of anomalous activities will also help.
At the same time, closer collaboration between cybersecurity providers, cloud and telecommunications operators is critical to disrupting successful ransomware attacks and imposing real costs on adversaries. Cybersecurity providers have access to threat intelligence and information on the activities of ransomware gangs, while the infrastructure of the latter is used by ransomware actors to propagate attacks.
“Cybersecurity is a team sport where everyone – individuals, businesses, and the authorities – needs to work together to safeguard the data and integrity of assets belonging or connecting to any organization’s network. The more united we are in our approach against cyber attackers, the harder it will be for them to put our finances at risk, steal our information, and disrupt our livelihoods,” added David.
Apart from cybercriminals demanding more ransom in cryptocurrencies in the future, David explained that as physical and digital lines blur, who or what organizations trust will impact cybersecurity even more.
“As we enter the era of Web 3.0, the spatial web will be brought to the forefront. We will be interacting with smart devices that have intuitive and sensory triggers such as geolocation, computer vision, and biometric or commands. Digital information will exist in physical spaces, meaning that security breaches of such devices could lead to far-reaching consequences in the real world,” explained David.
David pointed out that Palo Alto Networks also predicts the API economy to usher in a new era of digital fraud and exploits while cyber attackers will also set their targets on critical infrastructures of nations. And with remote and hybrid work ongoing into 2022 for some organizations, there will continue to be a convergence of network and security. Organizations need to extend their corporate networks and bring unified security policy management to their work-from-home employees.