On Tuesday, the Senate Committee of the United States conducted a hearing that was focused on the threats associated with ransomware attacks and how crypto enables payments in this situation. The primary theme of this hearing was to collect and process some essential information. There were a bunch of experts from the private sector on the committee who talked about the problems associated with ransomware attacks, along with the hurdles that have to be overcome for putting together the data that is needed to bring them down.
Hailing from Michigan, Gary Peters served as the chair of the Committee and stated that there is not enough data that the government can use for even understanding the extent and implications of the problems that are posed by these ransomware attacks. Back in February, he had launched the Strengthening American Cybersecurity Act. He noted that these ransomware attackers exclusively demand to be paid in crypto. The problem was quantified with the help of numerous statistics. Jackie Burns Coven serves at Chainalaysis as the chair of its cyber threat intelligence department, stated that ransomware attackers had been paid a whopping $712 million last year. He further elaborated that 74% of these payments had been made to criminal elements who either had Russian links or were based there.
The median amount that was paid stood at $6,000, while the average was somewhere around $121,000. The business model that most attackers use involves leveraging ransomware as a kind of service. The chief strategy officer of the Institute for Security and Technology, Megan Stifel said that even before the advent of cryptocurrency, the concept of ransomware had existed. Bill Siegel, the chief executive of Coveware, said that one of the biggest challenges that law enforcement has to deal with is figuring out what information needs to be collected in an attack and how to organize it.
James Lankford, a member of the Committee from Oklahoma, said that collecting information often becomes a mess. He said that similar information, if not identical, is demanded from the victims by multiple agencies and it take years to prosecute the case. Victims are hesitant when it comes to reporting attacks because of these factors, along with worries that the involvement of law enforcement will mean that attackers will not share the encryption key. According to Stifel, information collection will be improved if a single agency is assigned the responsibility of collecting and triaging data, particularly if a relationship is established with the agency before an attack.
According to Koven, it is possible to take advantage of blockchain technology in this scenario because it provides insight into the services and wallet addresses used by ransomware attackers. Koven further said that the sanctions that the US government has imposed on these ransomware attackers are very effective. She gave the example of the sanctions that had been imposed on the Suexand Garantexcrypto exchange. She stated that once the sanctions are in place, the money flow declines. Blockchain technology can also come in handy for tracking attackers who rebrand themselves after conducting an attack.