In brief

  • Known ransomware payments exceeded $400 million last year.
  • Most payments occur in Bitcoin.

Deputy Press Secretary Karine Jean-Pierre told reporters yesterday in a press briefing aboard Air Force One that "combating ransomware is a priority for the administration." Moreover, one of the ways it plans on addressing it is through more cryptocurrency tracking as the overwhelming majority of ransomware attackers demand Bitcoin or other cryptocurrency as payment.

Ransomware is malicious software that locks users out of a computer or a network. To regain access, they can pay the hackers, typically through cryptocurrency, which can be sent outside of traditional financial channels. Though ransomware has been a growing problem for years, with at least $400 million paid to hackers in 2020, it's taken on increased urgency in recent months. 

In May, crypto tracing firm Elliptic reported that the hacker group DarkSide had collected more than $90 million in Bitcoin from ransomware attacks to date. The group was responsible for shutting down the Colonial Pipeline last month, which supplies gas to the Eastern seaboard. Several states experienced gas shortages as a result.

Over the weekend, the world's biggest meatpacker, JBS, suffered a ransomware attack that threatened to shut down its plants, leading to meat shortages and higher prices as the northern hemisphere heads into summer.

According to Jean-Pierre, the administration is in communication with JBS as well as the government of Russia, where the attack is believed to have originated. 

Believing the risk to be ongoing rather than isolated, the administration is conducting a "rapid strategic review to address the increased threat of ransomware." 

Jean-Pierre noted that the review has four emphases: "One, distribution of ransomware infrastructure and actors working closely with the private sector; two, building an international coalition to hold countries who harbor ransom actors accountable; expanding cryptocurrency analysis to find and pursue criminal transaction; and reviewing the USG’s ransomware policies."

Though Jean-Pierre did not provide specifics, federal agencies already work with blockchain-tracing firms to combat money laundering, terrorism financing, and other illicit activity. Blockchain-tracking firm Chainalysis earns most of its revenue from government contracts. Competitor CipherTrace last year received a US Department of Homeland Security contract to develop methods to trace Monero, a so-called privacy coin popular for those looking to send or receive illicit payments.

Editor's note: This article was updated after publication to clarify that ransomeware group DarkSide has received $90 million in Bitcoin from ransomware attacks in total, according to Elliptic.

Daily Debrief Newsletter

Start every day with the top news stories right now, plus original features, a podcast, videos and more.