Bitcoin link could help find ransomware hackers, UN security expert says
Law enforcement agencies may be able to track down the ransomware hackers behind Friday's global hit through computer currency Bitcoin, the UN's cyber-security expert has said.
Neil Walsh, the UN's head of global cyber-crime, said while ransomware attacks have been occurring for some time, he has never seen an attack on such a large scale before.
He added that those behind the hit will likely be feeling nervous by the global attention.
Mr Walsh said the UN has been warning for a number of years that ransomware is one of the biggest threats to businesses.
He warned it is now a wake-up call for all governments and law enforcement agencies to work together to prevent further crippling attacks.
Speaking from his office in Vienna, Mr Walsh, who is originally from Northern Ireland, said there are a lot of investigative opportunities around Bitcoin to track down the ransomware hackers.
Bitcoin is a virtual currency created in 2009 by an unknown person using the alias Satoshi Nakamoto and is being increasingly used to move criminal proceeds.
The United Nations Office on Drugs and Crime (UNODC) teaches investigators and prosecutors around the world how to track a Bitcoin transaction online, even if people are trying to hide it or anonymise it.
Mr Walsh said: "When you demand a ransom, you have to get that money back. If you can't cash that value or turn it into something, then it doesn't do anything for your criminal business model.
"In the past month alone we have trained investigators and prosecutors in over 40 countries on how to investigate Bitcoin transactions and how to link those transactions to find an individual or entity.
"So, that is the risk (for the hackers) if they start to get payments coming back. It gives us opportunities to investigate and identify."
He added that due to the notoriety of the cyber-hit, those responsible will be feeling nervous about being identified.
Mr Walsh said: "If I was the person or persons who had sent this and you hit over 100 countries and you hit big players - the US, Russia, China, the UK - I'd be nervous.
"You can rest assured that global law enforcement effort will be looking at identifying the origin of this.
"Whether they predicted it would go so wide, so quickly is hard to say.
"The people who have done this will be sitting there thinking 'has this helped us or hindered us?', because when you get a situation-room briefing being called by President Trump, when you get Cobra being called by Theresa May and lots of other countries around the world calling in their national investigators to look at this, then I suspect they have started to get nervous."
Mr Walsh said he was not aware of anything on the scale of Friday's attack but that the UN has been warning ransomware poses a very significant threat for the past few years.
He stressed it should be a wake-up call for all governments and law enforcement agencies to work together to tackle the threat.
He added: "When we see something of this scale and it is brought to attention of senior policymakers and politicians, it highlights something that has already been there and will hopefully now bring more attention to it and that it does needs a more global effort to counter it.
"This shows the need for government, law enforcers and policy makers across the world, irrespective of their political persuasion or perspective, to work together to try and counter the risk."