ForumIAS announcing GS Foundation Program for UPSC CSE 2025-26 from 19 April. Click Here for more information.
ForumIAS Answer Writing Focus Group (AWFG) for Mains 2024 commencing from 24th June 2024. The Entrance Test for the program will be held on 28th April 2024 at 9 AM. To know more about the program visit: https://forumias.com/blog/awfg2024
Contents
Source: Business Standard
Relevance: Cryptocurrency is an emerging sector. As a UPSC aspirant one needs have knowledge about its pros and cons.
Synopsis: Use of cryptocurrencies for ransomware attacks by hackers and related challenges.
| Must Read: What is a ransomware? |
How is crypto used in cybercrime?
A typical ransomware attack on a company or organization might proceed like this: Executives realise their business website is down or systems inaccessible, and administrator overrides don’t work. A ransom demand arrives via email, providing a Bitcoin address where the payment must go if the company wants its systems operational again, along with a deadline. The victim calls up the Bitcoin address, which is 26 to 34 characters in length, when signing onto a cryptocurrency exchange to make the deposit.
What makes crypto attractive to criminals?
The anonymity built into the blockchain, which forms the foundation of cybercurrencies, can be utilized through a variety of ways.
- Coin mixer: A ransom paid in Bitcoin can be swiftly run through a so-called cryptocurrency mixer or coin mixer, which obscures the trail of ownership by pooling it with other people’s holdings. (While the practice itself is not considered illegal, mixer operators can get into trouble if found to have laundered illegally gotten money.)
- Conversion to a different cryptocurrency: Another option is to convert the ransom payment to a different cryptocurrency via a crypto exchange. So-called money mules (a person who transfers illegally obtained money between different payment accounts) can be recruited on dark web forums and directed to withdraw Bitcoins out of certain accounts.
In 2020, victims paid more than $406 million in cryptocurrency to attackers, according to blockchain analysis firm Chainanalysis Inc. This year, groups had taken at least $81 million from victims as of May, the firm said. Hackers who specialize in ransomware are said to be actively seeking out targets that have insurance.
Can payments made in cryptocurrency be traced?
Yes, at least at first. All Bitcoin transactions, while anonymous, are available for anyone to see, so someone tracking a particular Bitcoin wallet can observe when cash arrives. But accessing the money inside the wallet requires a private key, essentially a password, and that’s something ransomware groups do not normally share with anyone outside their operation.
What steps can be taken?
Regulation is the key. In April, the Ransomware Task Force, a private-public partnership created by the Institute for Security and Technology, published an 81-page report with recommendations for how governments can protect against and deal with ransomware attacks.
- The group urged governments to extend Know Your Customer (KYC), Anti-Money Laundering (AML) and Combating Financing of Terrorism (CFT) requirements — which national and international authorities enforce against banks around the world — to crypto exchanges, kiosks (crypto’s version of automated teller machines) and over-the-counter trading desks.
- Calls to ban Bitcoin altogether have been quieted by the currency’s gradual acceptance by the financial industry.
Terms to know:
