Ransomware Likely to Continue Exponential Growth Unless Governments Act, says F-Secure Labs

Helsinki, Finland – April 25, 2017: The availability of Bitcoin, the open-source virtual currency, has made crypto-ransomware's business model viable and profitable, feeding an online crime wave that has seen new extortion-enabling malware families at least double each year since 2012. Unless governments disregard previous concerns about shutting down the anonymous funding source, F-Secure Labs warns, this exponential growth is likely to only be limited by the ability of consumers to purchase Bitcoin.

"Bitcoin survived and thrived during the last U.S. presidential administration," says Sean Sullivan, Security Advisor at F-Secure. "However, the new administration has indicated that it's eager to reinvigorate ‘the drug war' by even cracking down on the sale of marijuana, which new U.S. Attorney General Jeff Sessions has said is just ‘slightly less awful ‘than heroin. If the U.S. pursues all the forms of potentially illegal payments, ransomware's growth could be abated. Otherwise, we expect to see the new ransomware families we discovered in 2017 at least double."

There was one known ransomware family variant in 2012, according to F-Secure's State of Cyber Security 2017 report. By 2015, there were 35, which exploded to 193 in 2016.

Bitcoin is Ransomware's only constraint

Chinese companies have made considerable investments into the vast server farms needed to mine the digital currency. The result is that 42 percent of all Bitcoin transactions last year took place in China exchanges, according to an analysis performed for the New York Times.* Sullivan has even noticed that the Shanghai Composite Index, one of the nation's leading financial indicators, correlates at times with the Bitcoin Price Index.

"While better blockchain provides them with visibility over their markets, officials in China likely have little financial incentive to see the Bitcoin market hindered in any way," Sullivan says. "The U.S. government, however, has shown little interest in legitimizing the virtual currency as investment."

The U.S. Securities and Exchange Commission rejected the creation of a Bitcoin exchange-traded fund due to "concerns about the potential for fraudulent or manipulative acts and practices in this market" in March.**

"It's conceivable that the Trump administration could argue that the anonymity of Bitcoin is enabling both the drug trade and international terrorism, crimes that have been continually used to justify new powers for U.S. law enforcement. Or perhaps the U.S. government could even identify ransomware as the growing risk it has become for consumers, the health care industry and local governments, along with the burgeoning risks of the cyber-extortion of ‘Internet of Things' devices."

A small change that could make a big difference

U.S. and European officials could make a major dent in the availability of Bitcoin with a relatively simple change. "Bitcoin exchange accounts could be required to be tied to a physical address," Sullivan says. Currently it takes just minutes – or seconds – to open a Bitcoin account in a third-party market. This requirement would require an activation code that's mailed to you before an account can be opened.  While this wouldn't affect criminals who do business out of Russia and China, it would make their attacks far less profitable.

"The exchanges would hate it. But given the hundreds of millions of dollars being extorted every few months, it seems appropriate," Sullivan says. "Barring this or a similar step, exponential growth of malware families delivering these threats seems to be the only other option."

But time is of the essence, Sullivan stresses.

"Ethereum is now trading at a similar trajectory as Bitcoin,"*** he says. "If governments don't act now to come up with a strategy for dealing with digital currencies, it's not going to get any easier."

*Source: https://www.nytimes.com/2016/07/03/business/dealbook/bitcoin-china.html **Source: https://www.nytimes.com/2017/03/10/business/dealbook/winkelvoss-brothers-bid-to-create-a-bitcoin-etf-is-rejected.html ***Source: https://coinmarketcap.com/currencies/ethereum/

More Information:

Bitcoin Friction Is Ransomware's Only Constraint - Sullivan's research into the "customer portal" of a family of cypto-ransomware known as "Spora" reveals that the criminals run their operations like an actual business with regularly scheduled spam runs to lure in new victims. And while the crooks are flexible about deadlines, the method of payment is non-negotiable: it must be in Bitcoin.

"We should be thankful that there are at least some limits on purchasing Bitcoin. If it were any easier to do so, very little else would check the growth of crypto-ransomware's business model," Sullivan says. "The malware technology to encrypt data has been possible for many, many years; the bigger challenge has always been getting paid."

About F-Secure

Nobody has better visibility into real-life cyber attacks than F-Secure. We’re closing the gap between detection and response, utilizing hundreds of our industry’s best technical consultants, millions of devices running our award-winning software, and ceaseless innovations in artificial intelligence. Top banks and enterprises trust our commitment to beating the world’s most potent threats. Together with our network of the top channel partners and over 200 service providers, we’re on a mission to make sure everyone has the enterprise-grade cyber security we all need.

Founded in 1988, F-Secure is listed on the NASDAQ OMX Helsinki Ltd.

f-secure.com | twitter.com/fsecure | linkedin.com/f-secure

F-Secure media relations

Adam Pilkey

PR Content Manager

+358 40 637 8859
adam.pilkey@f-secure.com

Press list

Sign up for media information from F-Secure.

We process the personal data you share with us in accordance with our Corporate Business Privacy Policy.

Press archive

By year

Browse through our news by year.

By category

Browse through our news by category.