Daily business news and economic stories from Marketplace

FBI wins one battle recovering bitcoin ransom, but it’s still a war

Deputy U.S. Attorney General Lisa Monaco announces the recovery of millions of dollars worth of cryptocurrency from the Colonial Pipeline Co. ransomware attacks on June 7, 2021. Jonathan Ernst/AFP via Getty Images

U.S. officials announced something that’s never been done before in the fight against ransomware. They traced and recovered some of the ransom that Colonial Pipeline paid in bitcoin to the hacking group known as DarkSide. That’s not supposed to happen with cryptocurrencies, at least not very easily.

One person who hopes this means more hackers will be caught is James, who helps run a small company in the Midwest with about 35 employees. He explained, “I showed up in the office early last year and basically we couldn’t do anything on our computers.”

It was a ransomware attack. James, who asked not to be identified to protect his company from future attacks, said, “They sent us a cryptic ransom note in broken English, asking us for tens of thousands of dollars in bitcoin.”

Hackers have been holding companies hostage since long before cryptocurrencies were invented. But cryptocurrencies can offer anonymity, or at least a method of payment outside the control of law enforcement. That has allowed digital ransom and extortion to explode in recent years.

“It’s probably in the couple billion dollar a year revenue for the ransomware gangs, and collateral damage is probably 1 to 2 orders of magnitude greater,” said Nick Weaver, a lecturer at the University of California, Berkeley, who focuses on computer security.

On the face of it, the fact that the FBI was able to crack into a bitcoin wallet and take back the money from DarkSide would appear to threaten one of the foundations of this criminal industry.

But Mark Rasch isn’t so sure. He’s the chief legal officer of cybersecurity threat intelligence company Unit221B. “Part of the reason they were able to claw back a specific transaction is likely that they were able to work closely with Colonial Pipeline in making the payment in the first place,” Rasch said.

The FBI seized $2.3 million from DarkSide’s virtual currency wallet. It presumably could not get back the many tens of millions the hacking group took from countless other companies, and it will probably take years of effort and regulation before the tide turns in the cat-and-mouse game between law enforcement and hackers.

There are steps companies can take to better protect themselves against cyber extortion, said Karen Schuler, national leader of tax and advisory firm BDO’s Governance, Risk & Compliance Practice. Schuler suggested these concrete measures:

James, by the way, the Midwest manager whose company was hacked, did not end up paying a ransom. He had backups of all his data. 
