British Companies Buy Up Bitcoin for Ransoms As Costs of Attacks Surge

This post was originally published on this site


There has been a notable uptake in the buying of Bitcoin by some of the bigger companies and businesses in Britain as the fear of a ransomware attack still looms large.

There have been some major hits in recent times that have seen companies and institutions as big as the National Health Services and FedEx forced to pay ransoms in Bitcoin.

Negotiating with terrorists

This trend of preparing to be held ransom by British businesses is nothing new, as it was reported in early June that up to a third of businesses in the UK were holding Bitcoin in anticipation.

However, despite the advice from law enforcement being that companies should not be paying the ransoms, the number of businesses that have picked up the digital currency has grown.

The average fee that an individual has to pay to get back their information is also growing as it is up from £250 per victim in 2014 to £830 in 2016, and rising further.

Hold tight, hold big

It is estimated that companies are holding on average £46,000, with larger firms holding £136,000. It seems a rather large sum, but a Korean web hosting provider was forced to pay $1 mln in a ransomware demand to restore data from an attack which infected 3,400 separate websites.

Spanish telecom giant Telefonica faced an 85 percent computer shut down after hackers infiltrated its systems demanding $550,000 in Bitcoin, in May

It has become part of many companies’ budget, setting aside enough money to build up a stockpile that would be suitable in the event of a hack.

Cybercrime is the new nine to five

The ease in which criminals are working in hacking major companies has a lot to do with the manner in which they approach things. It has become a professional racket which even sees the return of data being done through friendly “customer support.”

When victims do bite the bullet and pay for the return of their information, they are met with an agent via a Skype-type call or chat box that helps them to retrieve their data in step-by-step instructions.

Furthermore, a security consultant has explained how organized the cyber crime is, explaining its effectiveness.

“What we are seeing is criminality that works around a conventional business model. You have got people who are effectively employees, who turn up to work in an office block, who spend the day extorting cash or sending denial of service attacks, have a sandwich break and then go home to put the kids to bed. I wouldn’t be surprised if they had a staff restaurant and gym.”

Caught napping

Andrew Beckett, head of cyber defense for corporate risk company Kroll, has said that the hackers are leading the way, and with Bitcoin, anonymity, the power of the Internet and a multitude of other factors, they hold all the card.

“The rise of malware as a service where all you go and do is buy the ransomware and plug in your victim’s IP address or a range of IP addresses, means that the investigation on the part of law enforcement leads you back to at best a grey area. The only connection between multiple attacks is one guy who sold his program to multiple people.”

The result is a sinister growth industry which companies are scrambling to anticipate by stockpiling Bitcoin and which experts warn the world is not yet ready to repel.

Beckett added: “The world has been caught napping in that we don’t have the resources – either the tooling or the skilled people – to combat it at the scale at which it has arrived. It will change. But for now, we are from the defensive point of view on the losing end of an arms race.”