According to data from the Ransomwhere platform, the computer criminals responsible for the ransomware attacks have obtained around 60 thousand bitcoins for ransom payments during 2021.
Ransomwhere is a new platform collaborative launched by Jack Cable, security architect at cybersecurity consultancy Krebs Stamos Group, which helped protect election systems ahead of the 2020 U.S. presidential election.
This tool maintains a continuum count of ransoms paid in bitcoin to cyber hackers. The data is largely obtained due to the transparent nature of the network, which records all transactions on the blockchain. In this way, it acts as a large public book that allows anyone to track any transaction, including those associated with ransomware groups.
The payments reflected in the image above show that the operators behind the REvil or Sodinokibi ransomware top the list with more than USD 10 million for data theft. The third place is occupied by the group of malicious hackers known as DarkSide, who have obtained around USD 4 million. These are responsible for the recent attack on the U.S. pipeline.
Ransomware is a type of malware that compromises computer devices and hijacks your information. The attackers then request a ransom in cryptocurrencies as extortion for handing over the data back and preventing significant damage. The term is an acronym for words Ransom (ransom) and software.
A ransomware attack can be aimed at both companies and individuals, although the latter modality is usually less frequent. As we have previously reported in CriptoNoticias, financial losses due to ransomware, so far this year, double those of 2020, and even after paying, the percentage of recovery of encrypted data is 65%, according to a study of the computer security company, Sophos.
Last month, Barracuda Networks, security company, reported that the volume of cyberattacks, including ransomware, has increased almost 200% between October 2020 and May 2021, when the price of Bitcoin had a upward period.
Ransomwhere’s tool makes this data available to the public for anyone to consult. Being a collective collaboration platform, it incorporates self-reported incident data from ransomware attacks that anyone sends. On your site too you can find the registered addresses that, so far, have been used by cybercriminals.
According to its page, to make sure it is real data, it asks the informant for a screenshot of the demand for payment for ransomware, and each case is thoroughly reviewed before being available to the public. However, they warn that it is impossible to guarantee 100% the veracity of the information.
Global union in the face of ransomware attacks
The high rate of ransomware attacks this year, has led the group of the world’s largest economies, the G7, to come together to take joint action and fight against such cyber attacks. The United States has been one of the most affected countries.
According to a report by the security firm Kaspersky, the hasty implementation of remote work solutions, made companies less secure. Kaspersky also noted in its report on Financial Threats for 2021, that this would be a year with a high rate of cyberattacks.
In countries such as the United Kingdom it has been considered banning insurers from covering bitcoin payments to cyber criminals. The proposal by Diaran Martin, a former official at Britain’s National Cyber Security Center, argues, as does the U.S. Office of Foreign Assets Control, that these payments encourage criminals to continue with more attacks.
Some countries have expressed that the attacks that have been perpetrated in their nations are the responsibility of Russian military agencies. In days gone by, U.S. President Joe Biden ordered a federal investigation for another ransomware attack that affected the company Kaseya, which provides computer advice to more than 200 companies in the United States and other countries.