The US Senate Committee on Homeland Security and Governmental Affairs discussed the threat posed by ransomware attacks
On Tuesday, the United States Senate Committee on Homeland Security and Governmental Affairs (HSGAC) held a hearing titled "Rising Threats: Ransomware Attacks and Ransom Payments Facilitated by Cryptocurrency," which focused on data collecting and processing. A panel of private-sector specialists spoke before the committee on the threat of ransomware attacks and the difficulties in gathering and utilizing the data needed to combat them.
Gary Peters of Michigan, who proposed the Strengthening American Cybersecurity Act in February, said the government doesn't have enough data to even grasp the scale of the threat posed by ransomware assaults. He went on to say that attackers nearly always demand payment in cryptocurrencies.
To characterize the situation, a number of figures were presented. Chainalysis' chief of cyber threat intelligence, Jackie Burns Koven, claimed the business had discovered a record $712 million paid to attackers in 2021, with 74 percent of the money going to Russian or Russian-linked threat actors. The median payment was $6,000, with an average payment of $121,000. Ransomware-as-a-Service is a popular business model used by cybercriminals.
According to Megan Stifel, chief strategy officer at the Institute for Security and Technology, and Bill Siegel, CEO of Coveware, ransomware is a kind of extortion that predates Cryptocurrencies. Knowing what information to collect and how to arrange it after an assault happens is a huge difficulty for law enforcement, according to Siegel.
Information gathering is sometimes "a complex mess at the worst possible time," according to Oklahoma committee member James Lankford. In the aftermath of an assault, many authorities want overlapping but no identical data from victims, and then the case might take years to prosecute. Many victims are hesitant to disclose assaults because of these issues, as well as fears that the attackers will not give an encryption key if law enforcement is involved.
Labeling a single agency to collect and process data after an attack, according to Stifel, would increase data collecting, especially if firms had formed a connection with that agency prior to the assault.
In contrast to the laborious procedures of traditional financial inquiry, Koven claims that blockchain research may give "instant insight into the network of wallet addresses and services (e.g., exchangers, mixers, etc.) that support the criminal actor."
Sanctions enforced by the US government on ransomware operators and their intermediaries are very effective, according to Koven. She cited the restrictions imposed on Garantex, a cryptocurrency exchange located in Russia, and Suex, a cryptocurrency dealer, as examples. According to her, following sanctions, money flows "reduce to almost nil." Furthermore, blockchain analysis may be used to trace attackers' identities, and Chainalysis has created technologies to monitor money through cryptocurrency blenders.