Ransomware Is A Growing Problem For Crypto And Other Investors

Ransomware: There has been an increasing threat of cyber attacks on critical infrastructure in the United States. Remember the attacks on Colonial Pipeline or meat processor JBS Foods?

This problem was first put on my radar by Joshua Steinman, a former member of the National Security Council, in the summer of 2021. During our conversation, Steinman explained how these attacks are carried out, why they have become so lucrative, and what the government is doing to mitigate this threat moving forward.

Towards the end of last year, Steinman started a new business, Galvanick, to create a technology solution aimed at making various industrial operations more secure. The Galvanick team are joining a growing list of companies that are addressing an increasing threat from nefarious cyber attacks.

Xona, another player in the space, describes their technology with the following excerpt:

“XONA enables frictionless user access that’s purpose-built for operational technology (OT) and other critical infrastructure systems. Technology agnostic and configured in minutes, XONA’s proprietary protocol isolation and zero-trust architecture immediately eliminates common attack vectors, while giving authorized users seamless and secure control of operational technology from any location or device.

With integrated multi-factor authentication, user-to-asset access controls, user session analytics, and automatic video recording, XONA is the single, secure portal that connects the cyber-physical world and enables critical operations to happen from anywhere with total confidence and trust.”

So why exactly are companies like Galvanick and Xona finding so much success in protecting critical infrastructure? Well, quite simply, the cyber problem is incredibly painful for the companies and organizations tasked with running this infrastructure.

There was a new ransomware report published by Elementus (I’m an investor) that highlights the growing ransomware problem, both in size and scope, since 2015.

Via Max Galka


#Ransomware has evolved from indiscriminate breaches of personal computers to targeted attacks on critical infrastructure

Avg ransom in 2015: $293

Avg ransom in 2021: $623,000

For the full history see our new interactive visualization:

via @elementus_io elementus.io/ransomware-car…


The company estimates that approximately $2 billion has been paid in ransom via bitcoin in recent years. This opening from their report gives a good sense of the problem:

Ransomware is a burgeoning criminal industry of staggering size, scope, and sophistication, extorting billions of dollars from victims, with vast implications for national security. It centers around sophisticated cyber attacks carried out by powerful, constantly-evolving criminal enterprises that in many ways resemble the Italian crime families of old. And like the Mafia, they are organized, ruthless, and adept at turning on a dime to evade the law.

Once rare outliers, multimillion-dollar ransom payments have become standard fare; and because locating the culprits on the blockchain is an exercise in finding a digital needle in a haystack, they often get away with unimaginable sums of ill-gotten gains in broad daylight. Of great concern is the fact that ransomware groups are increasingly turning their focus away from individuals and towards critical national infrastructure such as hospitals, meat-packing facilities, and oil pipelines.

While data breaches were once an unfortunate side-effect, today these criminals frequently execute a sinister one-two punch by collecting millions in ransom and then leaking the stolen data anyway.

Put simply, we are facing a technology pandemic on the brink, one that demands careful study and a decisive response.

The headline takeaways from the report are also worth understanding:

  1. Ransomware has become a full-fledged growth industry that is hundreds of millions of dollars larger than reported to date.
  2. Hard as it is to imagine, more than $2 billion in ransom has been paid since 2019.
  3. In 2021 ransomware groups pulled in more than $1 billion, the first time payments exceeded nine figures in a single year.
  4. Individual ransomware payments exceeding $1 million each increased by 465% between 2019 and 2020.
  5. Russia has become the ransomware hub of the world. Five of the eight most lethal ransomware strains are operating out of Russia, and given the data, it would not be surprising if the other three also have ties to Russia.
  6. Ransomware exposure has tainted the legitimate blockchain ecosystem because ransomware groups attempt to hide and launder large quantities of illicit proceeds by sending an estimated 43% of funds through mainstream entities such as exchanges. This has serious implications for banks, financial institutions, and cryptocurrency exchanges, as increased compliance and regulation around all things crypto looms on the horizon.

You can read the full report here.

Now here is one of the interesting things about the rise in ransomware and other illicit transactions using bitcoin: the number of such transactions is growing in aggregate, but their percentage of total bitcoin transactions is actually dropping. Here is a graphic from Michael Morell, the former acting CIA Director, in a report that he published last April showing that less than 0.5% of all bitcoin transactions are for nefarious or illicit purposes.

This is an important point to remember, because the ransomware threat is only going to increase over time. Critical infrastructure will continue to be attacked. Various criminal organizations around the world will attempt to use bitcoin or other cryptocurrencies as a tool in their attack. Regardless of their level of success, my expectation is that bitcoin transactions for non-illicit purposes will grow at a faster pace.

Whenever there is a growing threat, there will be a burgeoning industry that sprouts up simultaneously.

This economic growth will be for both the bad actors and those trying to mitigate the threat. We are about to see an explosion of new companies that will help protect critical infrastructure (user access controls, alarm systems, etc.), along with a rise in companies that will help track the nefarious actors and their financial activity.

There are complex issues at play here (e.g., financial privacy vs. efficacy of law enforcement, geopolitical strategy, etc.) that I will try to unpack in future letters.


Credit: GlobalCrypto.Exchange | Max Galka | elementus.io
