Bitcoin has received a lot of negative press in the past, especially due to its increased usage among cybercriminals. But now, after a global scale WannaCry ransomware attack, the narrative about Bitcoin and its connections to crime seems to have taken a positive turn. According to a recent statement by the Head of Global Cybercrime at the United Nations, the Bitcoin ransom paid by some of the WannaCry ransomware victims may provide vital clues that could lead to hackers’ identification.
The statement by UN official, Neil Walsh was published by various media outlets earlier today. The WannaCry ransomware attack was probably one of the worst cybercrime waves to take over the internet. The worm, created to exploit a particular vulnerability in outdated Microsoft Windows operating system encrypted files on computers across the world. Computer users in around 100 countries are said to be affected by the ransomware wave.
The SMB vulnerability targeted by WannaCry was exploited by the US spy agency, NSA for years. Few recent publicly available hacked files belonging to the agency shows clearly that NSA not only knew about the issues but also created tools to spy on machines with such vulnerabilities. While Microsoft released a security update to all supported devices in March, the ones that were running on unsupported versions of Windows missed out on that to become WannaCry’s targets. Since then, Microsoft has issued an emergency update covering Windows XP, Server 2003 and Windows 8 machines.
The impact of the attack was much worse than expected as many businesses, organizations and even government facilities ignored several warnings on ransomware attacks issued by the United Nations. Many of the affected parties were found operating unsupported Windows versions without bothering to update to supported ones.
Contrary to popular belief among the public, Bitcoin transactions are not anonymous, but pseudonymous at best. There are a number of blockchain analysis tools currently available in the market that allows law enforcement agencies and financial institutions to track Bitcoin transactions and even identify the parties to the transaction. These very tools are expected to be implemented by global law enforcement agencies to determine the ones responsible for spreading WannaCry.
Explaining the initiatives of the United Nations Office on Drugs and Crime with reference to recent ransomware attack, Neil Walsh was quoted by media outlets saying,
“When you demand a ransom, you have to get that money back. If you can’t cash that value or turn it into something, then it doesn’t do anything for your criminal business model. In the past month alone we have trained investigators and prosecutors in over 40 countries on how to investigate Bitcoin transactions and how to link those transactions to find an individual or entity. So, that is the risk (for the hackers) if they start to get payments coming back. It gives us opportunities to investigate and identify.”
WannaCry’s infection has been put to rest, after a security researcher found a solution involving registration of a domain, turning it into a sinkhole. Many people by then had already paid ransom in Bitcoin. The wallets receiving the ransom will be monitored by law enforcement agencies for any new activity, with the hopes of tracking the offender.
Whether the authorities are successful in catching the cybercriminal or not, at least they have learnt a lesson or two about cybersecurity, thanks to WannaCry.
Ref: SBS | Image: NewsBTC