Interpol issues warning that Bitcoin ransomware cyberattacks targeting hospitals could lead directly to deaths in covid-19

By Christine Duhaime | April 7th, 2020

Interpol has released a warning that, during the Covid-19 pandemic, ransomware cybersecurity attacks against hospitals and other institutions and research departments, are expected to increase.

The way ransomware attacks work is that hackers infiltrate and take exclusive control over computer systems, locking out the administrators, and promise to relinquish control of the computer systems on receipt of large payments of ransom in Bitcoin.

Hospitals are a critical infrastructure, although research institutions are not. Because hospitals are significantly being targeted, emergency medical care will be impacted during covid-19, which Interpol believes could lead directly to deaths.

How do you legally pay an illegal Bitcoin payment and not go to jail?

A number of organizations and experts came together a few years ago to develop a response, in consultation with regulators, to enable a Bitcoin payment to be made responsibly, through a digital currency exchange to an extortionist that satisfied the US government, and would not lead to prosecution.

The steps are more involved than this but generally, despite the otherwise illegality of the conduct, a digital currency exchange may allow its services to be used for the payment in Bitcoin to a criminal cyberattacker on behalf of one of its customers in a limited fashion provided:

(a) the digital currency exchange takes or charges no commission or fees, directly or indirectly, on either end of the transaction; and

(b) the digital currency exchange prepares and files a suspicious activity report tailored for digital currency transactions, meaning it includes the wallet addresses, the IP address from its systems, the IP from the emails provided by the customer and such. The customer is the subject of the suspicious activity report even though the customer is also the victim of the ransomware cyberattack.

Also, keep in mind that the customer is usually a corporate entity, such as a hospital, and they must be on-boarded as a customer in order for a digital currency exchange to partake in facilitating the payment and no shortcuts can be made with the identity ascertainment and verification process, even though it is clear that time is of the essence.

The digital currency exchange and its officers, directors and employees are at risk of prosecution and administrative fines for facilitating the payment of a ransomware attack, but it has been generally recognized that by taking the above steps, avoiding the profiting off of a criminal transaction and reporting it to government as soon as practicable, liability can be avoided.

One should bear in mind that the filing of a report to government is the quid pro quo here, and if an exchange or participating person fails to submit the report or submits a report lacking details that would allow law enforcement to trace (clearly only by IP address here, Bitcoin wallet address and such), there is not going to be the protection from prosecution for knowingly facilitating the commission of a criminal offence.

Comments are closed.