{"id":9052,"date":"2021-09-16T09:55:02","date_gmt":"2021-09-16T13:55:02","guid":{"rendered":"https:\/\/cointelegraph.com\/magazine\/?p=9052"},"modified":"2021-09-16T09:55:02","modified_gmt":"2021-09-16T13:55:02","slug":"bitcoin-ledger-as-a-secret-weapon-in-war-against-ransomware","status":"publish","type":"post","link":"https:\/\/cointelegraph.com\/magazine\/2021\/09\/16\/bitcoin-ledger-as-a-secret-weapon-in-war-against-ransomware","title":{"rendered":"Bitcoin ledger as a secret weapon in war against ransomware"},"content":{"rendered":"

<p><strong>Ransomware, malicious software that encrypts computers and keeps them “locked” until a ransom is paid, is the world’s fastest-growing cyber threat, according to Coinfirm.<\/strong> Recent attacks on critical national infrastructure, like the Colonial Pipeline incursion that crippled oil and gas deliveries for a week along the U.S. East Coast, have set off alarms. Ransom payments are almost always made in Bitcoin or other cryptocurrencies.<\/p>\n

<p>But while many were shaken by May’s Colonial Pipeline attack — the Biden administration issued new pipeline regulations in its aftermath — relatively few are aware of that drama’s final act: Using blockchain analysis, the FBI was able to follow the ransom payments fund flow and recover about 85% of the Bitcoin paid to ransomware group DarkSide.<\/p>\n

<p>In fact, blockchain analysis, which can be further enhanced with machine learning algorithms, is a promising new technique in the battle against ransomware. It takes some of crypto’s core attributes — e.g., decentralization and transparency — and uses those properties <i>against<\/i> malware miscreants.<\/p>\n

<p>While crypto’s detractors tend to emphasize its pseudonymity — and attractiveness to criminal elements for that reason — they tend to overlook the relative visibility of BTC transactions. The Bitcoin ledger is updated and distributed to tens of thousands of computers globally in real time each day, and its transactions are there for all to see. By analyzing flows, forensic specialists can often identify suspicious activity. This could prove to be the Achilles’ heel of the ransomware racket.<\/p>\n

<h4>An underused means<\/h4>\n

<p>“The blockchain ledger on which Bitcoin transactions are recorded is an underutilized forensic tool that can be used by law enforcement agencies and others to identify and disrupt illicit activities,” Michael Morell, former acting director of the U.S. Central Intelligence Agency, declared in a recent blog, adding:<\/p>\n

<blockquote><p>“Put simply, blockchain analysis is a highly effective crime fighting and intelligence gathering tool.[…] One expert on the cryptocurrency ecosystem called blockchain technology a ‘boon for surveillance.’”<\/p><\/blockquote>\n

<p>Along these lines, three Columbia University researchers recently published a paper, “Identifying Ransomware Actors in the Bitcoin Network,” describing how they were able to use graph machine learning algorithms and blockchain analysis to identify ransomware attackers with “85% prediction accuracy on the test data set.”<\/p>\n

<p>Those on the frontlines of the ransomware struggle see promise in blockchain analysis. “While it may at first seem like cryptocurrency enables ransomware, cryptocurrency is actually instrumental in fighting it,” Gurvais Grigg, global public sector chief technology officer at Chainalysis, tells Magazine, adding:<\/p>\n

<blockquote><p>“With the right tools, law enforcement can follow the money on the blockchain to better understand and disrupt the organization’s operations and supply chain. This is a proven successful approach as we saw in January’s ‘takedown’ of the NetWalker ransomware strain.”<\/p><\/blockquote>\n

<p>Whether blockchain analysis alone is enough to thwart ransomware incursions or whether it needs to be joined with other tactics, like bringing political\/economic pressure to bear on foreign countries that tolerate ransomware groups, is another question.<\/p>\n

<h4>Unmasking criminals?<\/h4>\n

<p>Clifford Neuman, associate professor of computer science practice at the University of Southern California, believes that blockchain analysis is an underutilized forensic tool. “Many people, including criminals, assume Bitcoin is anonymous. In fact, it is far from being so in that the flow of funds is more visible on the ‘public’ blockchain than it is in almost any other kinds of transactions.” He adds: “The trick is to tie the endpoints to individuals, and blockchain analysis tools can sometimes be used to do this linking.”<\/p>\n

<p>A valid means for unmasking ransomware attackers? “Yes, absolutely,” Dave Jevans, CEO of crypto intelligence firm CipherTrace, tells Magazine. “Using effective blockchain analytics, cryptocurrency intelligence software” — the sort his firm produces — “to track where ransomware actors are moving their funds can lead investigators to their true identities as they attempt to off-ramp their crypto to fiat.”<\/p>\n
