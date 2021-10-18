Ransomware Attacks Are On The Rise, Treasury Warns

Technology has undoubtedly changed the world for the better, but it has also made both governments and corporations more vulnerable to different types of attacks.

Cybercriminals, hostile governments, and other malicious actors are using increasingly sophisticated techniques to target businesses and government institutions.

Hacker groups use a wide variety of malware (malicious software) to target their victims, but in recent years they have mostly deployed ransomware.

But what exactly is ransomware and how does it work? Why are ransoms usually paid in Bitcoin?

FinCEN Issues Warning

The United States Financial Crimes Enforcement Network (FinCEN), which is a bureau of the Department of the Treasury, recently warned that ransomware attacks are on the rise.

As reported by Tom's Hardware, FinCEN said that $5.2 billion worth of Bitcoin transactions have been linked to ransomware.

The bureau said that its data "indicates that ransomware is an increasing threat to the U.S. financial sector, businesses, and the public."

In conclusion, according to the publication, "ransomware isn't having a moment; it's establishing a long reign."

What Is Ransomware?

The term ransomware is used to describe malicious software that hackers deploy to lock or encrypt data on a computer or a computer system, per McAfee.

The victim's files are then held for ransom -- in other words, the victim is told to submit a payment if they want to have their data decrypted or unlocked.

Ransomware attacks can paralyze an entire organization and cause millions in damages, which is why many companies decide to pay the ransom as opposed to waiting until the authorities address the situation.

How Does Ransomware Work?

Ransomware has become more complex over the years, with new variants being released into the wild by various hacker groups on a monthly basis.

As McAfee noted, ransomware is usually distributed through email spam campaigns or targeted attacks.

"Ransomware uses asymmetric encryption. This is cryptography that uses a pair of keys to encrypt and decrypt a file. The public-private pair of keys is uniquely generated by the attacker for the victim, with the private key to decrypt the files stored on the attacker’s server. The attacker makes the private key available to the victim only after the ransom is paid... Without access to the private key, it is nearly impossible to decrypt the files that are being held for ransom."

Why Bitcoin?

So why do attackers always ask their victims to submit ransom payments in Bitcoin?

As a cryptocurrency (decentralized digital money designed to be used over the internet), Bitcoin is anonymous, virtually untraceable, and unregulated, which makes it ideal for cybercriminals.

Experts -- including the Bank of England’s deputy governor for financial stability Jon Cunliffe -- have warned that Bitcoin and other cryptocurrencies could cause a major global financial crisis if left unregulated, but Western governments have not yet taken any concrete steps to impose stricter rules.

