It would appear even more US companies are stockpiling bitcoin to fight off cyber attacks. This type of behavior is not entirely new, but it appears to become even more prevalent as of late. Rather than upgrading cybersecurity measures, US companies would rather pay criminals in bitcoin. A very troublesome development that will only invite more criminal activity moving forward.
It is not advisable to stockpile bitcoin in case a cyber attack occurs. Criminals from all over the world use a wide range of tools to infiltrate enterprises. Once they do so, the enterprise will receive a request to pay a ransom in bitcoin. Since hardly any company keeps cryptocurrency on hand, that causes a bit of a problem.
To combat this issue, US companies are now buying bitcoin in case an attack would occur. That is anything but the right approach, as it only invites more cyber attacks moving forward. Losing valuable corporate data is a big problem, everyone can understand that. Openly inviting criminals to do their worst and pay their demand in bitcoin, however, is an incomprehensible decision.
Stockpiling Bitcoin is Not Advised For Companies
Dealing with this moral dilemma is anything but easy for US companies right now. Then again, looking to pay off criminals once they infiltrate a system is equal to taking three steps backward. Paying means helping the bad guys and rewarding them for illegal behavior. It is the same as negotiating with terrorists, which is something no American would ever do, or so they claim. Incident response planning in the corporate sector should never include stockpiling bitcoin to meet ransom demands.
To put this into perspective, the average ransom demand sits between US$10,000 and US$75,000. Even at current prices, that equals to stockpiling bitcoin in large quantities. Once criminals become aware of which companies are easy to exploit, they will continue hitting them with malware attacks. This unusual strategy will not work out in the end, as it only serves to enrich hackers. A better option would be to beef up existing security protocols. Doing so is not only the only morally right course of action, but also the much cheaper option in the long run.
Last but not least, paying the bitcoin ransom is no guarantee to have company files decrypted again. So far, nearly 25% of all malware attacks remained unresolved after the bitcoin payment was made. It is expected this number will go up over time, especially when companies are so eager to pay bitcoins for criminals. Stockpiling bitcoin is not the answer to these threats, that much is certain.
Header image courtesy of Shutterstock