A key US senator is launching an investigation into the connection between cryptocurrencies and ransomware attacks in the wake of several recent high-profile attacks.
Senate Homeland Security and Governmental Affairs Chairman Gary Peters announced Tuesday on CNN’s “New Day” that the bipartisan investigation will seek to better understand how cryptocurrency emboldens cybercriminals and to identify possible policy changes.
The probe is part of a series of steps the Michigan Democrat and other lawmakers have taken to address a spate of cybersecurity incidents, including soon-to-be-released legislation related to recent ransomware attacks, he said.
“Cryptocurrencies are the medium of choice by these folks,” he told CNN, referring to cybercriminals. “Well over $400 million has been paid in ransoms in this last year from cryptocurrencies.”
The less regulated architecture of cryptocurrency payments allows for greater anonymity and its misuse enables these sorts of attacks.
Earlier this summer, US investigators recovered millions in cryptocurrency they say was paid in ransom to hackers whose attack prompted the shutdown of the key East Coast pipeline in May.
The Justice Department said it seized approximately $2.3 million in Bitcoins paid to individuals in a criminal hacking group known as DarkSide – the group blamed for the crippling ransomware attack on Colonial Pipeline, which spurred days of panic buying and fuel shortages.
Ransomware attacks have grown in scope and sophistication in the last year, Deputy Attorney General Lisa Monaco said at the time, calling them an “epidemic.”
Not long after the Colonial incident, major beef and pork producer JBS USA was hit with a ransomware attack, resulting in the shutdown of its entire US beef processing operation. JBS USA announced in June that it had paid an $11 million ransom in response to the cyberattack.
Then the same ransomware gang that had hit JBS demanded $70 million in July to unlock all the devices it claimed had been hit in an attack on Kaseya, an IT services provider that indirectly supports countless small businesses such as local restaurants, accounting firms and dentists’ offices.
The back-to-back incidents have raised concerns about the vulnerabilities they reveal in critical infrastructure and industries across the US.
In 2020, ransom payments, typically made in cryptocurrency, totaled the equivalent of $416 million – more than four times the 2019 level, according to blockchain analytics firm Chainalysis. The firm has confirmed more than $200 million worth of payments so far this year.
“We want to make sure we are dealing with cryptocurrency and understand why it is the choice by these folks and how can we disrupt that choice,” Peters said.
The investigation will delve into why cryptocurrency, which is difficult for law enforcement to track, is being used in ransomware attacks and how it can be disrupted. It will also aim to identify possible policy solutions for lawmakers and regulators, the senator said.
The Biden administration has also ramped up its efforts to disrupt the growing and increasingly destructive ransomware attacks.
“The misuse of cryptocurrency is a massive enabler here,” deputy national security adviser Anne Neuberger previously told CNN. “That’s the way folks get the money out of it. On the rise of anonymity and enhancing cryptocurrencies, the rise of mixer services that essentially launder funds.”
“Individual companies feel under pressure – particularly if they haven’t done the cybersecurity work – to pay off the ransom and move on,” Neuberger added. “But in the long term, that’s what drives the ongoing ransom [attacks]. The more folks get paid, the more it drives bigger and bigger ransoms and more and more potential disruption.”