Here's Why Biden Threatened to Make Ransomware a National Security Issue

The U.S. has been hardest hit by ransomware attacks.

There are many amazing things about blockchain, the technology behind cryptocurrency. It can change lives and disrupt several industries by taking the middleman out of many everyday transactions. Unfortunately, this burgeoning industry also has a dark side. It's attracted scammers and criminals who use the anonymous nature of cryptocurrency to process their ill gotten gains.

One particular piece of crypto crime that's grabbed headlines this year is ransomware. According to a recent report from Chainalysis on crypto adoption around the world, North America was the biggest victim of ransomware attacks between July 2020 and June 2021.

North American users sent $131 million of crypto to ransomware attackers in that time, more than double users in Western Europe who were second on the list. Worldwide, the amount paid by ransomware victims increased by 311% in 2020, and it looks like the figure will increase for 2021.

So what is ransomware, and what's being done to stop it?

What is ransomware?

A ransomware attack is where hackers use malware to take control of a computer network and demand a ransom to unlock it. For example, the malware might encrypt the files on your computer -- or your organization's network -- and only release a key to gain access once the ransom is paid. The money is usually paid in cryptocurrency, making it difficult to trace.

Ransomware is a type of malware that may infect your system through an email or a targeted attack. There are several different strains of ransomware used by different criminal groups. For example, a group called Circus Spider created the NetWalker strain that was responsible for extorting the most money from U.S. companies.

Why President Biden is so concerned

There are several reasons why the president is concerned about ransomware, not least that the U.S. has been so badly hit. All kinds of organizations have been attacked, including hospitals, banks, energy providers, schools, government offices, and even emergency services.

The Colonial Pipeline attack in May is probably the best known example. The attack froze IT systems at the company responsible for almost half the gasoline on the east coast. Colonial Pipeline paid a $4.4 million ransom, but the pipeline was still shut for six days. Panic buying pushed gas prices sky high, and thousands of pumps were left empty.

On July 4, up to 1,500 businesses were exposed to a ransomware attack by the REvil group. It used a vulnerability in software from a company called Kaseya to shut down computer systems.

Moreover, the majority of strains that cost American businesses time and money originated with Russian cybercriminal groups like REvil. This is why Biden warned President Putin that attacks would be treated as national security incidents.

Combating ransomware attacks

The U.S. government is working to tackle ransomware on several fronts, including trying to put political pressure on Russia to hold criminal groups accountable.

It is also taking direct action against those responsible. According to Chainalysis, while there are many different strains, there are only a few bad actors involved. As such, authorities can have an outsized impact by taking out a couple of main players. For example, by arresting one of the people behind the NetWalker strain, the U.S. also struck a blow against several other prominent ransomware strains.

Law enforcement officials have also upped their crypto tracking capabilities. People criticize the anonymity of blockchain, but that's only one part of the picture. Every Bitcoin (BTC) transaction is recorded on its blockchain ledger, albeit anonymously, so there are ways law enforcement can track these transactions. The challenge is identifying who owns a specific wallet address.

In the case of the Colonial Pipeline pipeline payment we mentioned above, the FBI was able to follow the digital money trail and eventually recover about $2.3 million of the ransom payment.

You can help to counter illegal crypto activity

Ransomware is a problem for all crypto investors. The idea of unintentionally handling laundered money puts people off crypto investing and hinders crypto adoption. It also leads to increased political pressure to restrict legitimate cryptocurrency activity -- or ban cryptocurrencies altogether.

One small way crypto investors can help in the fight against ransomware and other criminal activities is to only use reputable cryptocurrency exchanges with strong anti-money laundering policies in place.

It's tempting to skip know-your-customer (KYC) requirements or use exchanges that don't require an ID -- sometimes, you can access less common cryptocurrencies or receive better rates of return. But those KYC protocols can help protect you as an individual and the industry as a whole.