Bitcoin In Depth Articles
Experts say blue chip companies have decided it’s cheaper to deal with extortionists than risk damaging attacks
Several of London’s largest banks are looking to stockpile bitcoins in order to pay off cyber criminals who threaten to bring down their critical IT systems.
The virtual currency, which is highly prized by criminal networks because it is difficult to trace, is being acquired by blue chip companies in order to pay ransoms, according to a leading IT expert.
On Friday, hackers attacked the websites of a number of leading online companies
including Twitter, Spotify and Reddit. They used a special code to harness the power
of hundreds of thousands of internet-
There is no evidence that Dyn was the subject of extortion demands but it has become apparent that hackers have been using the code to threaten other businesses into paying them with bitcoins or risk becoming the target of similar attacks.
Dr Simon Moores, a former technology ambassador for the UK government and chair of
the annual international e-
“The police will concede that they don’t have the resources available to deal with
this because of the significant growth in the number of attacks,” Moores said. “From
a purely pragmatic perspective, financial institutions are now exploring the need
to maintain stocks of bitcoin in the unfortunate event that they themselves become
the target of a high-
How safe are you from hackers?
Moores declined to identify the banks buying up bitcoins but it is understood senior police officers have been made aware of the practice. The cost to businesses of an attack can far outweigh paying off the blackmailers: telecoms provider TalkTalk lost 101,000 customers and suffered costs of £60m as a result of a cyber attack last year.
“Big companies are now starting to worry that an attack is no longer an information security issue, it’s a board and shareholder and customer confidence issue,” Moores said. “What we are seeing is the weaponisation of these [hacking] tools. It becomes a much broader issue than businesses ever anticipated.”
"We've got to come to grips with this. Everybody's over-
In recent months, DDoS attacks have led to around 600 gigabits of data a second being directed at targets – more than enough, according to experts, to bring most websites down.
Moores predicted that the situation was becoming critical. “Once it goes above a terabit, that wipes out any protection. No current protection systems can deal with that sort of flood.”
In September the website KrebsOnSecurity.com was the target of what it describes
as “an extremely large and unusual distributed denial-
Some experts believe the attacks were launched in response to articles that Krebs
had published about the DDoS-
The attack on Krebs was launched by a large botnet, a collection of enslaved computers – in this case, hundreds of thousands of hacked devices that constitute the internet of things (IoT), notably routers, IP cameras and digital video recorders. These devices are the internet’s achilles heel. Unlike personal computers or smartphones, they are often not password protected, relying on factory settings. Because of this they make soft targets for botnets scanning the internet for IoT systems that can be easily compromised.
The stories you need to read, in one handy email
The Krebs attack might have gone largely unnoticed outside of internet security circles
if someone using the name Anna-
“When I first go in DDoS industry, I wasn’t planning on staying in it long,” Anna-
Within hours of Anna-
By targeting Dyn, it appears that hackers were able temporarily to disrupt a raft of sites. Others that reported problems included Mashable, CNN, the New York Times, the Wall Street Journal and Yelp.
Amazon’s web services division reported issues in western Europe. In the UK, Twitter and several news sites could not be accessed by some users.
“While this particular attack [on Dyn] may not have been motivated by extortion,
a new model of ransom-
The problem facing businesses battling the hackers is becoming one of scale. The devices the hackers can recruit to launch their attacks is growing exponentially.
It is estimated that there are anywhere between 7bn and 19bn devices connected to the IoT at the moment. Conservative predictions suggest that this figure will balloon to between 30bn and 50bn within five years.
At some point, Moores believes that the dam will burst as the rollout of connected smart devices will allow for the harnessing of devastating computer power that can no longer be repelled by existing IT security systems.
He draws an analogy with financial crises, predicting that a “Lehman Brothers moment” is on the cards.
“We’ve got to come to grips with this,” Moores said. “Everybody’s overexposed.”
RISE OF THE HACKER -
“Mafiaboy”, a 15-
Hacking collective Anonymous targets the Church of Scientology in an operation called Project Chanology that briefly knocks Scientology.org offline.
Spamhaus, a filtering service to weed out spam emails, is subjected to a DDoS attack after adding a web hosting company called Cyberbunker to its blacklisted sites. Cyberbunker and other hosting companies hire hackers to shut down Spamhaus using botnets. At its peak the attack was being conducted at a rate of 330 gigabits a second, around five times the average DDoS attack.
A group called New World Hacking attacks the BBC’s website at a rate of 602 gigabits a second, almost twice the size of the previous record of 334 gigabits a second.