CISA Official: Restricting Crypto Will Not Stop Ransomware Attacks

The strict regulation of cryptocurrencies will do little to prevent cybercriminals from laundering the proceeds of ransomware, according to a senior Department of Homeland Security official.

Nitin Natarajan, deputy director of the Cybersecurity and Infrastructure Security Agency, said criminals have always found innovative ways to circumvent protections and continue their attack, Nextgov reported Tuesday.

“If we were to magically flip a switch and make Bitcoin for instance completely transparent, they’re going to find another way to do it,” Natarajan said.

Ransomware is a type of malware attack that cybercriminals use to encrypt an organization’s data. Hackers typically guide the organization through the payment of a ransom in exchange for the data’s restoration.

The Institute for Security and Technology’s Ransomware Task Force, a private-sector think tank consisting of experts from various industries, pegged the average amount of ransomware payment at $233,817 as of the third quarter of 2020.

RTF has released a ransomware report that contains 48 recommendations on matters such as cyber insurance, cryptocurrency and safe havens for threat actors.

One of the recommendations involves requiring cryptocurrency exchanges, crypto kiosks and over-the-counter trading desks to comply with existing know-your-customer, anti-money laundering and anti-terrorist financing laws.

DHS Secretary Alejandro Mayorkas, a 2021 Wash100 winner, has warned that small and medium-size businesses are particularly vulnerable to ransomware because of their role as the “backbone of the U.S. economy.”

The department has announced plans to work with industry in implementing the recommendations in the RTF report, which Mayorkas commended for highlighting how the government can better address the crime.