FBI calls crypto ‘only game in town’ as ransomware flourishes


The FBI discourages companies from submitting to extortion because, it argues, the funds serve only to embolden bad actors and augment their capabilities. — DARWIN LAGANZON/Pixabay

Cryptocurrencies and deep-fake technology are sending chills throughout the US government, with cyber crooks embracing digital innovations so rapidly that law enforcement can barely keep up, according to the Federal Bureau of Investigation.

"Crypto is the primary currency, the primary vehicle, to facilitate extortion payments. It’s the only game in town,” Bryan Vorndran, assistant director of the FBI’s Cyber Division, said in a Bloomberg virtual panel discussion on cybersecurity Tuesday. "We all know the blockchain offers us some opportunities, but the ability to pay crypto, script it immediately into a tumbler, whether through an extortion payment or theft, is a huge, huge challenge for us.”

Criminals love Bitcoin in particular because it’s effectively unhackable and, unlike cash, can be transferred in large amounts almost instantly without ever touching the banking system. For those reasons, the virtual token is almost always the form of payment demanded in ransomware attacks, such as those using malware to paralyse computer networks.

Last May, a Russia-linked group later identified as DarkSide crippled Colonial Pipeline Co until the company paid almost US$5mil (RM20mil) in cryptocurrency. The following month, US officials said they recovered 63.7 of the 75 Bitcoin involved.

Meatpacker JBS SA and even the Washington police department are among the other organisations victimised by ransomware groups.

The FBI discourages companies from submitting to extortion because, it argues, the funds serve only to embolden bad actors and augment their capabilities.

Recently, the bureau has developed evidence suggesting that criminal gangs in Russia and Eurasia have set up call centres to professionalise their ransomware businesses, and are sharing data gathered from victims, Vorndran said.

A growing area of concern for officials is so-called synthetic content, colloquially known as "deep fakes.” Advances in computing technology have leapfrogged from lab settings into the real world, allowing criminals to deceive, misinform and defraud by impersonating others. Vorndran said such technology and it’s potential to erode democracy is one of the things that keeps him up at night.

"When you look at biometric authentication, facial recognition, digital footprints, mimicking voices, these things are huge, huge challenges to law enforcement, to the intelligence community in the next 5-10 years,” he said. "The synthetic content piece is something that is a fascinating discussion but also a very, very scary discussion.”

One persistent problem for the US government is the lack of reporting by companies and other organisations when cyberattacks happen. The reasons for that hesitancy range from ignorance to mistrust of the government’s motives.

Vorndran said the government estimates it has data on only 20% to 25% of domestic cyber breaches, a data set too small to be very useful, especially when trying to anticipate what adversaries will do next. Joining him in urging more cooperation from the private sector is Eric Goldstein, the executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency, or CISA.

"The best thing we can do as the US government to help resolve hesitation is by showing value, is by showing organisations that by engaging with CISA, engaging with the FBI, they will get information, expertise, support, the ability to collaborate seamlessly across sectors, that can help them to protect their enterprise and help them to protect their customers,” said Goldstein, who also participated in the Bloomberg panel. – Bloomberg

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 1
Cxense type: free
User access status: 3
Join our Telegram channel to get our Evening Alerts and breaking news highlights
   

Next In Tech News

Russian parliament approves tax break for issuers of digital assets
G7 to tackle cyber threats and disinformation from Russia: communique
Swiss top court upholds ban on foreign online betting operators
Indonesia will use Covid tracking app to sell cheap cooking oil
Siemens to invest in Volkswagen's N.American charging network
Uber agrees to Australia minimum pay body after similar moves in Britain, Canada
Instagram and Facebook remove posts offering abortion pills
Russian industry faces code crisis as critical software pulled
Russia fines United Parcel Service over data storage - TASS
Russia fines foreign firms for alleged data storage violations

Others Also Read