This Crowdsourced Payments Tracker wants to Solve the Ransomware Visibility Problem

This Crowdsourced Payments Tracker wants to Solve the Ransomware Visibility Problem

As the number of attacks increases in 2020, ransomware attacks are driven by the unrest caused by the Covid-19 epidemic has become lucrative for cybercriminals. These file-encrypting attacks continue unabated this year. The last few months have seen the only attack on the Colon Colonial Pipeline that forced the company to cut off most of its east coast – and its gas supply, a hack from meat supplier JBS that abruptly shut down its slaughterhouse. The world, and just this month IT supply chain Cassia was hit by a supply chain attack that saw hundreds of streams of people locked out of their systems.

However, as ransom attacks continue to make headlines, it is almost impossible to understand their full impact, and as cybercriminals pay to demand their release – it is not known whether some decisions have been made. Jack Cable, a security architect for the Krebs Stamos Group who previously worked for the US Cybersecurity and Infrastructure Agency (CISA), is trying to solve that problem by launching a public release tracking website.

“Through Katie Nichols’ tweet, I was inspired to start ransomware that no one really knows the full impact of cybercrime and ransomware in particular,” she told Cable TechCrunch. “After seeing that there is currently no single place for public data on rinsomware payments and that it is not very difficult to track bitcoin transactions, I started hacking it all together.” The website maintains an ongoing statistic of the ransom paid to cybercriminals on Bitcoin, thanks to the public record-keeping of transactions on the blockchain. Since the site is crowded, it includes data on self-reported incidents of ransomware attacks, which anyone can submit.

However, to ensure that all reports are valid, a screenshot of the ransom payment needs to be taken for each submission and each case is reviewed by itself before it becomes publicly available. If the authenticity of an approved report is later questioned, it will be removed from the database. The already growing database, which does not include any personal or victim-identifying information, is available as a free download for the cybersecurity community and law enforcement officials, which will only hopefully help provide some much-needed public clarity about the current situation.