Government reluctance to shut down the virtual currency Bitcoin has made the rapid growth of cyber-extortion possible, but that could change if the United States or China shifts law enforcement priorities.
Helsinki, Finland – April 25, 2017: The availability of Bitcoin, the open-source virtual currency, has made crypto-ransomware's business model viable and profitable, feeding an online crime wave that has seen new extortion-enabling malware families at least double each year since 2012
There was one known ransomware family variant in 2012, according to F-Secure's State of Cyber Security 2017 report. By 2015, there were 35, which exploded to 193 in 2016.
Chinese companies have made considerable investments into the vast server farms needed to mine the digital currency. The result is that 42 percent of all Bitcoin transactions last year took place in China.
The U.S. Securities and Exchange Commission rejected the creation of a Bitcoin exchange-traded fund due to "concerns about the potential for fraudulent or manipulative acts and practices in this market" in March.
A small change that could make a big difference
U.S. and European officials could make a major dent in the availability of Bitcoin with a relatively simple change. "Bitcoin exchange accounts could be required to be tied to a physical address," says Sean Sullivan, Security Advisor at F-Secure. Currently it takes just minutes – or seconds – to open a Bitcoin account in a third-party market. This requirement would require an activation code that's mailed to you before an account can be opened. While this wouldn't affect criminals who do business out of Russia and China, it would make their attacks far less profitable.
But time is of the essence, Sullivan stresses.