Why Bitcoin is not the root cause of ransomware

Peter Van Valkenburgh is the director of research at Coin Center, a nonprofit research and advocacy group focused on public policy issues related to cryptocurrency technology.

Pete is a former Google Policy Fellow, where he worked with various digital rights organizations on projects related to privacy, surveillance, and digital copyright law.

Ransomware has been around for a long time, predating Bitcoin by about 20 years, but it’s back in the news again thanks to a recent, disturbing case involving a Los Angeles hospital.

Most types of ransomware use a key held by the hacker to encrypt and lock the victim's computer files until the victim pays a ransom. Earlier, ransom payments were usually made through wire transfers, prepaid cards or through text messages and mobile phones.

Now, most of the time hackers always ask for payment in Bitcoins.

You might think that because Bitcoin is an "anonymous" payment method, hackers prefer it because they don't have to worry about being identified and eventually arrested. However, this is not the reason why Bitcoin is a good choice for hackers. In fact, using prepaid cards has a higher level of anonymity, they can be mailed, then used or resold internationally freely without leaving a trace.

However, Bitcoin transactions leave bits and pieces of pseudonyms on the blockchain, and if a hacker wants to convert Bitcoins into local currency, she could accidentally put her name or IP address into these pseudonyms, exposing herself. Bitcoin transactions can reveal the organizational structure of organized ransomware groups, and individual hackers can be arrested and prosecuted.

Bitcoin is useful because its use is fast, reliable, and censorship-resistant.

When the victim pays the ransom, the hacker will know it immediately through the public blockchain. The hacker can even create a different payment address for each victim, and when they confirm the Bitcoin transaction is completed, it will automatically unlock the victim's files.

In fact, as always, these criminals have strict design parameters for the tools they use because if their tools fail, they will not receive technical support, contractual protections, or compensation rights.

Solution

In this case, Bitcoin is used by criminals because it is a system that just works and is very reliable. Ransomware hackers are like smugglers under prohibition: they like customized sports cars because almost everyone still drives a Model T.

As troubling and sad as these hacks are, we should carefully understand the actual situation so that we don’t adopt solutions that do not solve the problem or even make the situation worse.

There are three parts to the ransomware problem, and they are all real, whether the victim is a loved one or a hospital or police department:

1. A hacker gains read/write access to sensitive or valuable data and accesses a computer without authorization.

2. Hackers implant malware into computers and encrypt computer files using powerful encryption methods, and only hackers can control the decryption key.

3. The hackers offered Bitcoin as ransom in exchange for the key.

Cryptocurrency and Bitcoin are the sexiest part of this chain, so they get a lot of media attention.

However, the most fundamental problem is the first part: unauthorized access.

Security and Privacy

For example, in the case of the Los Angeles hospital, any hacker in Russia could access, read, modify, and delete all sensitive medical records, which was a security and privacy disaster.

Whether hackers will encrypt files or demand a ransom is a secondary concern; the damage is already done. Failure to keep these private records safe puts patients at risk of discrimination, personal extortion, and, of course, poor or incomplete medical care.

So, it’s abundantly clear that ransomware has its roots in poor cybersecurity.

Everyone—especially employees of vulnerable organizations—needs to take more care to keep sensitive records secure; and we all need to be more aware of phishing emails and other social engineering tactics that hackers can use to obtain sensitive information.

This problem has existed as long as the Internet, and the solution is pretty simple: use stronger passwords, don't tell your passwords to anyone (not even people who send you official emails), and don't open suspicious attachments from strangers.

Additionally, in this three-part ransomware problem, using passwords and cryptocurrencies is completely legal and even necessary to use applications that can make us more secure.

Unauthorized access due to poor security, which constitutes the first part of the ransomware problem, does us no good.

Searching for a scapegoat

If we want to find ways to prevent these attacks, we need to find the weaknesses in our privacy devices, not the tools that might be used to exploit them.

We should use HTTPS encryption by default; we need to understand and use two-factor authentication; we need to talk to password managers about using stronger passwords; and we need to consider using payment systems that don’t continually leak our personally identifiable information.

Ignoring the problem of unauthorized access and placing the blame on password usage and cryptocurrency will not stop ransomware. In fact, banning or destroying these ransomware tools will only make the ransomware situation worse.

These policies will prevent honest individuals from learning and using technology that can make them safer; however, criminals in the dark corners of the world, sophisticated smugglers with strict design standards will continue to use those powerful tools to do bad things.

Original article: http://www.coindesk.com/bitcoin-root-cause-ransomware/
By Peter Van Valkenburgh
Compiled by: Kyle
Source (translation): 8btc Information (http://www.8btc.com/why-bitcoin-not-root-of-ransomware)