Technology has transformed how people work and communicate, but security threats have followed. Your messages reach anyone on earth in seconds, yet a third party might intercept them. Criminals found
Technology has transformed how people work and communicate, but security threats have followed. Your messages reach anyone on earth in seconds, yet a third party might intercept them. Criminals found new opportunity in bitcoin.
J. Maurice, the investigator who tracked the Mt. Gox bitcoin theft, explained how cryptocurrency rewired hacking incentives. "Bitcoin changed the hacking world because it introduced incentivized hacking," he said on The Bitcoin Game. "If you hack someone who has bitcoins and you steal their money, you're directly getting that money. Before, you'd have to hack into an ecommerce site, get credit card numbers, and try to monetize those by ordering stuff to a maildrop or however you did it."
Criminal tactics shifted. Rather than stealing email passwords and bank login credentials, hackers pursued wallets holding real money. Ransomware offered a simpler approach. As Maurice explained, "That's why you see this ransomware—CryptoLocker type software that encrypts all of your data and holds it hostage unless you send bitcoins. The hackers want to use bitcoin. It's a new way to get money out of people."
Hackers didn't limit targets to cryptocurrency holders. The Hollywood Presbyterian Medical Center in Los Angeles discovered this in February. After infiltrating the hospital's systems, attackers encrypted data and demanded payment. Administrators paid roughly $17,000 in bitcoin to restore access. The hospital held no bitcoin. The attackers demanded it anyway.
Maurice addressed the hospital's decision. "Hardware failures, human error, and viruses all cause large organizations to experience data loss," he said. "When this incident occurred, the IT staff should have restored from a recent backup. The fact that the hospital paid the ransom indicates their IT staff wasn't properly backing up their patients' medical data."
Security moved from an abstract concern to something people cared about protecting. The Snowden disclosures exposed government surveillance on a massive scale, and the public ignored them. Threats to email accounts or social media pages didn't spark action. Ransomware changed that. When hackers encrypt your work files or school documents and demand bitcoin, operations security stops being a suggestion. The threat of financial loss concentrates attention in ways that privacy warnings never achieved.
