- Jun 12, 2014
- 16,361
- 14,828
Founding Member
The way you describe it, Bitcoin shouldn’t be used for ransom payment. If that were true, why do they use it? Why are they using crypto(currencies) to buy their new Lambos/Ferraris/Bugatti’s?
Ransom recipient are not cowering, They are using the money to buy luxuries and “reinvesting” in their companies by buying more 0days, so they can do the next thing.
As long as the “hackers” stay in Russia (or China or wherever), they can essentially do whatever they want.
Crypto(currencies) are not my in wheelhouse, but I will say there isn’t any slowing down on pushing out ransomware, collecting the coin, and living the high life.
They aren't slowing down because people hear crypto currency and believe it is safe. especially with movies and televisions shows selling it as the next step in the evolution of hidden funds.
Now it's not as easy to trace as a check or a wire transfer (obviously). But the path is still there. Bitcoin being backed they way they are has a 100% path on both sides of the transaction. The fact that the hackers we know about use Bitcoin, truly shows what level of hackers they are.
Geofencing the US from “the rest of the world” isn’t really feasible. Attribution is hard. They don’t fire up their home computers and start their campaigns. Instead, they bounce off of compromised hosts in other countries (even the US) and the use their ephemeral, cloud-based infrastructure to carry out their deeds.
agreed...
Many in infosec come from military backgrounds (not me), and they have even seriously discussed on Twitter the need for a kinetic response (again, not me). Response, hack-back, or even deep dive attempts to attribute campaign to country/group is way above my pay grade (and can be highly illegal under CFAA - Computer Fraud and Abuse Act)
if there were a simple answer, we wouldn’t be in the position we are in.
This is already happening.