One of the most recent waves of Bitcoin ransomware attacks executed against US companies has been allegedly instigated by Chinese hackers. Although corporate espionage and hacking attempts between the US and China are nothing new, it is the first time a large-scale ransomware attack was initiated to get the point across. But this does not mean Bitcoin ransomware attacks will come to an end all of a sudden, as internet criminals still favor this form of malware to earn money quickly.
Chinese Hacker Collective Deploys Ransomware
There is no denying the ransomware industry is a booming business for internet criminals all over the world, but government-sponsored hacker collectives do not shy away from this malware either. A recent security report by four different firms mentions how Chinese hackers have been using Bitcoin ransomware to target US companies specifically.
As most people are well aware of by now, ransomware is an extremely annoying type of computer infection, as users are locked out of all of their files. Restoring files from a backup is not always possible either, as a lot of Bitcoin ransomware strains delete shadow volumes from the computer as well. But these attacks against US companies were not carried out by your run-of-the-mill basement Internet geek.
Instead, the report states how several cases have been discovered where a higher level of sophistication has been used to infect computers. These types of tactics are usually associated with state-sponsored attacks and include deploying remote control software, as well as spreading other malware to move around computer networks.
Although application servers are a major target for hackers due to their inherent security vulnerabilities, it still takes a particular level of skill to trick networked computers into installing Bitcoin ransomware. One unnamed technology company had nearly one in three computers infected by this ransomware at the time of attack.
Assuming the findings of this report are true, the question becomes why Chinese hackers would be resorting to Bitcoin ransomware for attacking companies. One theory suggests how state-sponsored hackers in China are looking at ransomware as a way to supplement their “income,” as the number of jobs has declined in the sector due to reduced support for economic espionage.
But there is also the worrying option of how Internet criminals may have gotten their hands on exploit kits previously used by state-sponsored hackers. This may include new types of Bitcoin ransomware, as well as other tools to gain access to particular types of networks and company infrastructure.
Bitcoin Ransomware Threat is Not Over
While these attacks against US companies have subsided for the time being, there is no reason to believe the Bitcoin malware threat is over. Internet criminals resort to this type of malware to target both consumers and businesses alike, in the hopes of forcing people into paying the associated ransom to restore computer access.
With encryption techniques improving, it becomes more and more difficult for the end user to regain file access without paying the Bitcoin ransom. By keeping a modest price point, it makes financial sense for most people just to pay the fee and be done with the hassle. Rather than dealing with phishing and online payment scams, ransomware seems to be the new “hot trend” for internet criminals right now.