Just a couple of days back, Kevin Mandia, CEO of cybersecurity firm FireEye, told CNN that the rise in ransomware attacks is closely associated with the proliferated use of digital or cryptocurrency. He added, “There is a direct connection.” Mandia’s statement proved to be true because research from cybersecurity company Barracuda revealed that a staggering 192% rise in cryptocurrency-related cyberattacks has been registered after the Bitcoin surge in October 2020.
The study, which was conducted between October 2020 and May 2021, saw the researchers discretely analyze phishing and business email compromise (BEC) attacks. After monitoring the trends closely, it was observed that the volume of cryptocurrency-related attacks was associated with the rapidly rising price of Bitcoin. The price of Bitcoin increased nearly 400% during the observation period and saw a subsequent 192% increase in impersonation (i.e., phishing and BEC) attacks.
Until recently, the real-world usage of Bitcoins looked like a far-fetched dream. However, with companies embracing this digital payment option, cryptocurrency has now started gaining more value than expected.
As rightfully stated by Mandia, cryptocurrency has been traditionally used in ransomware attacks and was evident in the Colonial Pipeline attack or the JBS attack, where the companies were asked to pay millions of dollars in Bitcoin as ransom. Mark Lukie, Systems Engineer Manager, Barracuda, Asia-Pacific said, “You don’t need to be a technical genius to launch a ransomware attack. Ransomware-as-a-service — where you can hire a group to carry out an attack for you — is flourishing on the dark web, making ransomware more accessible to criminals, and driving an increasing number of attacks.”
However, Barracuda’s study reveals that cybercriminals are now not just using cryptocurrency for ransomware attacks but are also pivoting towards newer attack vectors. This includes spear phishing, impersonation, and BEC attacks. Cybercriminals are using malicious tactics like sending fake security alerts to steal Bitcoin login credentials, targeting employees with personalized emails, and even tricking users into purchasing or donating cryptocurrency to fake charities.
Another key trend that Barracuda’s researchers observed was that, with every passing year, there has been a spike in both ransomware attacks and the ransom amounts. In 2019, the ransom demand ranged from a few thousand dollars to $2 million, but by mid-2021, the demand reached the ceiling at $20 million.
As a note of caution, Lukie suggested, “Staying on top of the latest trends in email attacks and providing employees with security awareness training to identify and avoid attacks, as the highest priority when it comes to protecting against these kinds of attacks. While making sure you have watertight security solutions in place that provide bot mitigation, DDoS protection, API security, and credential stuffing to secure web applications against ransomware, backing-up data to minimize downtime, data loss, and get your systems restored quickly following an attack, is also necessary and give you peace of mind.”