For the past several years, bitcoin has been a way to keep financial transactions discreet. It is incredibly difficult to trace, because it does not pass through a financial institution, and it is secure because it requires a two factor identification that uses a public key and a PIN combined with a mathematical function to allow a transaction.
This has made it easy for ransomware hackers to extort money by decrypting the victim's files. These types of attackers typically demand payment in bitcoin to keep from being traced. But for the past two years, Chainalysis, a bitcoin-tracing tech startup, has been selling its product to law enforcement agencies around the world.
The emergence of blockchain compliance startups is coming at just the right time, as Europol says in a 2015 report that bitcoin accounts for 40 percent of criminal-to criminal payments online. Europol noted that while there is no single common currency used by cyber criminals, it is apparent that bitcoin may gradually be taking on that role.
Regulation of cyber currency is difficult to do because of its anonymous nature. The inability to attribute transactions to end users makes it tough to imagine how any sort of effective regulation among everyday users would be possible.
But rather than regulating cyber currency, Chainalysis aims to monitor its use and trace its origin. Michael Gronager, CEO and co-founder, is confident in his product's ability to shut down criminal operations. "Expect to see some arrests soon as law enforcement agencies wrap up their investigations into several ransomware operations."
Every CIO should be aware of the risks related to ransomware attacks, and understand that data security is a key component of any business. But there is only so much that can be done to prevent these attacks. Chainalysis offers another solution to the problem of ransomware.
Apparently, their software has the ability to link the source and recipient. In effect, "bitcoin has become less anonymous than cash," says Gronager. His company was founded as a tool to assess the risks associated with bitcoin transactions, and now it is helping to bring cyber criminals to justice.
Police have already made one arrest and gathered evidence in searches of properties in an international police operation aimed at taking down cyber extortion gang DD4BC. Since 2014, the group of cyber criminals has been using distributed denial of service attacks to extort money from a range of organizations. In December of 2015, police forces from the UK, Bosnia and Herzegovina, Austria and Germany teamed up with Europol to identify and arrest key members of DD4BC using Chainalysis' software.
In February 2016, Chainalysis signed a memorandum of understanding with Europol's European Cybercrime Centre that will ensure future collaboration between the organizations. Gronager said in a statement, "This new collaboration is an important next step in the endeavor to move digital currencies out of the hands of the criminals and into the hands of consumers."
If their software is successful, Chainalysis hopes to see the number of ransomware attacks decrease in the coming years. This should warrant a sigh of relief for CIOs and IT professionals whose job it is to keep company documents and customer information safe.