Due to bitcoin’s pseudo-anonymous nature, which makes it difficult to link transactions to the individuals conducting them, bitcoin has become the new go-to ransom payment method in ransomware attacks. This development has led cybersecurity firms to buy and store bitcoin in case their clients decide to pay the ransom. However, regulations are making it increasingly difficult for cybersecurity specialists to provide this service.
Leading exchange and wallet provider Coinbase has reportedly shut down the bitcoin account of cybersecurity specialist and founder of Night Lion Security Vinny Troia. Coinbase contacted Troia at the end of last year to inquire what the purpose behind his bitcoin holdings are. When Troia informed Coinbase that it was to buy and store bitcoin on behalf of clients who may potentially want to use them to pay for ransoms during ransomware attacks, his account was suspended and he was no longer able to set up a new account under his name or those of family members.
The issue with holding funds that may be used to pay criminals is that it could get regulated firms such as Coinbase in trouble with the financial regulator as well as the law, as this may be deemed as a breach of anti-money laundering (AML) laws. Given the increased scrutiny on bitcoin businesses by regulators, it should not come as a surprise that bitcoin exchanges would rather not see their platform be used to facilitate ransom payments, despite the well-meaning intent of these payments.
On the other hand, making it more difficult for cybersecurity firms to buy and store bitcoin could easily lead to more large-scale disruptions through ransomware attacks such as the global WannaCry ransomware attack that took place in May. In some cases, it is easier for companies to simply pay the ransom to regain access to their systems than it is to try to decrypt their own files. If, however, companies do not have easy access to bitcoin to pay for the ransom, disruptions in important institutions, such as hospitals, could take much longer than necessary. For that reason, many companies have started to hoard bitcoin to mitigate the ramifications of a ransomware attack by simply paying the ransom.
The story of Coinbase and Vinny Troia highlight the need for more dialogue between bitcoin startups and regulators as well as the dire need for cybersecurity laws that specify how ransomware payments should be handled so that financial regulations do not hinder the work of cybersecurity companies that are trying to keep businesses safe from cyber attacks.