Hackers made $50 000 via Bitcoin
On Friday, May 12th, the world has witnessed what was called “the biggest cyber attack in history”.
Over 200 000 computers in 150 countries were infected with a virus called WannaCry. The biggest damage has been inflicted to Russia-based organisations – the ransomware has hit the Russian interior ministry, mobile provider MegaFon, the financial group Sberbank, as well as a number of other ministries and state-run companies. Significant damage has been caused to the British health care system – over 16 hospitals ended up being locked out of the system. Medical staff had no access to digital patient files and was unable to help even with the emergency cases.
Who is to blame?
The computer systems were affected by the ransomware WannaCry. Ransomware is a malicious software that encrypts all of the users data and displays a message demanding a payment in order to restore access to the files. WannaCry The virus exploits a vulnerability in the system that was supposed to be fixed in March 2017. Microsoft released a patch to protect the users. However, those using the no longer supported by Microsoft Windows XP and users who turned off automatic updates and didn’t update their software manually were left unprotected.
The ransomware is rumored to be developed by the military intelligence unit of the US National security agency. A hacker group named Shadow Brokers claims to have stolen the “secret weapon”, that was later used for the most global cyber attack in history, from the US government earlier this year. Perpetrators are being blamed for having possible links to Russia, although Russian authorities are denying their involvement.
The hackers are demanding $300 in order to restore the files encrypted by WannaCry. Those who keep hesitating whether to make the payment, are going to pay more – Shadow Brokers threaten to double the ransom on Monday 15th and delete the files completely by May 19th if no payment has been received on the deadline date. As of now, $50 000 USD has been transferred to Bitcoin wallets. The amount doesn’t sound all that big considering we are talking about a massive cyber attack. What are the factors that stop desperate victims from paying the ransom?
Bitcoin – accomplice or obstacle?
Bitcoin is known as the favorite payment method for online perpetrators. The payments being anonymous make it harder for the law enforcement agencies to identify the hackers. In most cases, the ransomware creates a unique Bitcoin address for each victim. Therefore, the payment can be traced to a particular user, allowing the hackers to decrypt the files. That’s not how WannaCry works, claim the cybersecurity experts. There were only a few public Bitcoin addresses involved in the ransomware. The hackers recommend to pay and just…wait. So, even if you decided to make a payment, there is no guarantee that your files will be decrypted.
Another reason for the payments being so slow is that very few organizations have had experience with Bitcoin. Most users have no clue about how cryptocurrency works and what it takes to make a payment. Obtaining a Bitcoin wallet and making a transaction takes time.
Knowing that the Bitcoin transactions are anonymous and almost impossible to trace, many of us wonder whether we are meant to become easy targets when entering the cyberspace, or if there’s a way to stop online criminals. James Smith, CEO of Elliptic, a London-based company that helps law enforcement agencies track criminals using the cryptocurrency, claims to know of a way to identify the hackers by tracing the public. The situation will become clearer as Shadow Brokers try to withdraw Bitcoin in fiat currency.