Colonial Pipeline paid DarkSide, who specialize in digital extortion, 75 Bitcoins or approximately $5 million dollars, to recover its stolen data. Hackers encrypt its victims’ records and threaten to release it publicly unless paid a ransom in cryptocurrencies. Cybersecurity experts believe Darkside is located in either Russia or Eastern Europe.
On May 14, The Wall Street Journal reported that law officials disrupted DarkSide’s operations. DarkSide said “it was shutting down.” Historically, groups such as DarkSide disband and popup later under a different name.
After the hackers received payment, they provided Colonial with a decrypting tool to restore its disabled computer network.
Colonial faced immense pressure to resume its gasoline and jet fuel deliveries to America’s Eastern seaboard. It supplies nearly fifty percent of the Atlantic Coast’s gasoline. Its pipeline stretches from Texas to New Jersey. The fallout forced airlines to make fuel stops on long-haul flights, created panic buying at gas pumps, and prompted the White House to provide supplementary fuel from government reserves. Gasoline prices rose to over $3, the highest in years.
Chainanalysis, a blockchain analysis firm, reported ransomware victims paid at least $350 million dollars to hackers in 2020; an increase of 311% over 2019. The company said it can only estimate the amount because not all victims disclosed their ransomware attacks.
Criminals usually launder funds through “Bitcoin mixing” services and then send the funds to both legitimate and high-risk cryptocurrency exchange portals to convert the funds into real-world currency.
Berkshire Hathaway’s Vice Chairman Charlie Munger said, “Bitcoin was useful to kidnappers and extortionists. It was contrary to the interests of civilization.”
The increase in ransomware has motived the U.S. and European governments to crackdown on cryptocurrencies. Their ambition is to remove the treasured anonymity of cryptocurrencies that have been a haven for hackers and other criminals.
In late 2020 the U.S. Treasury Department proposed rules that would require banks, exchanges, and anyone else dealing in cryptocurrencies to make a greater effort to discover the true identities of their users.
Defenders of cryptocurrencies say that blaming the currencies is like getting mad at a $100 bill for being used in a drug deal. Bitcoin is built on a digital ledger that publicly records every transaction with users identified by a string of characters called a “wallet address”. When law enforcement officials determine the wallet’s owner, they can gain access to that person’s entire transaction history without a subpoena.
Coinbase, a cryptocurrency exchange platform, published a “fact check” dismissing the concerns of crypto critics. Coinbase reported that the percentage of cryptocurrency transaction volume tied to illicit finance dropped to 0.34% last year from 2.1% in 2019.
To some extent, cryptocurrencies’ growth makes more regulation inevitable. It had been easy for governments to ignore crypto a decade ago. With major banks such as J.P. Morgan and Goldman Sachs now offering crypto services, events like the Colonial hack make the potential for criminal use even greater. The crypto industry spent years fighting to break into mainstream finance. Cryptocurrency operators must now recognize their responsibilities to society.
To America’s credit, when we were an infant nation, we successfully launched the Barbary War (1801-1805). Muslim pirates operating out of North Africa demanded tribute from American merchant ships. The pirates captured American ships, goods, and enslaved crew members. We defeated the pirates and extracted concessions of safe conduct from the Barbary states—Morocco, Algeria, Tunisia, and Libya.
Ransomware pirates should note the aphorism of George Santayana, “Those who cannot remember the past are condemned to repeat it.”
While we cannot launch a war against Russia in retaliation, there are a “lot of ways to skin a bear!”
Originally published in the Sarasota Herald-Tribune
