The article briefly touches on this, but my belief is the one thing that may eventually "take down" cryptocurrency is ransomware.<p>That is, ransomware as it exists today is <i>only</i> possible because secure, anonymous, non-reversible methods of payment exist in the form of cryptocurrency. Things like bearer bonds were outlawed decades ago because of a similar desire to make large anonymous, easily transportable payments impossible.<p>Honestly, if anything, I see ransomware as probably the primary use case today for crypto besides speculation.
> These "customers," who have zero coding skills or software expertise, take advantage of a ransomware-as-a-service (RaaS) model to gain sophisticated capabilities<p>> Incredibly, many of these operations look and function like authentic businesses. "They rent office space, they have development teams, data architecture teams, help desks, phone support, and people that negotiate ransoms with targets"<p>What a crazy world we live in, where criminal organization have a quasi-normal corporate structure and even manage a "customer" support team
My prediction: Ransomware will be the scapegoat that leads the way on making the use of encryption a criminal offence. This is exactly what many governments want. Up till now, the best argument against encryption is "we can't see what criminals are doing", but that isn't very tangible for many people. Just wait until a powergrid or water treatment plant in the US is down for weeks due to being "attacked with encryption" (yes, that will be the spin), and you'll have tons of people ready to vote for the outlawing of any and all encryption without a license/backdoor/etc.
> Gangs also have begun encrypting backup systems, including cloud storage services such as Office 365 and Drop-box. Although 56% of the firms surveyed by Sophos regained control of their data through backups, that window appears to be closing. "[Cybergangs] have realized that the ransom demand becomes powerless if you have a full backup set in place and you can revert to it,"<p>This is why our backups at work write to a storage bucket with permissions such that they can create new files but not delete old ones. I'd definitely recommend this approach to everyone who can afford the storage space.
> <i>Not surprisingly, dozens of major ransomware gangs now exist worldwide, including in Russia, Eastern Europe, and North Korea.</i><p>To what extent should ransomware activity be considered low-grade economic warfare by nation-states who can't or won't police cyber-criminals, and thus justification for robust national responses such as sanctions?
> Some, including the U.S. Treasury, have promoted the idea of making it illegal to pay a ransom, though the idea has not gained widespread support.<p>That's probably the only solution, besides the obvious ones like actually protecting the systems.
How is it that Operating Systems don't default to a configuration that can't ever be changed by a rogue application process?<p>Why can't the OS be write protected? Why can't the configuration also be write protected?
>>Not surprisingly, dozens of major ransomware gangs now exist worldwide, including in Russia, Eastern Europe, and North Korea. Incredibly, many of these operations look and function like authentic businesses. "They rent office space, they have development teams, data architecture teams, help desks, phone support, and people that negotiate ransoms with targets," says Alexander Chaveriat, chief innovation officer at Tuik Security Group. "They buy server space all over the world using cryptocurrency, change servers as needed, and use virtual private networks and other tools to hide their location."<p>It is getting to the point where the threat is beyond office functions and to manufacturing, infrastructure and IOT.<p>With the threat escalating to that genuine national security level, and often under sponsorship or blind eye of criminal govts (NK, RUS...), we are not far from the point where the appropriate response is to deliver a kinetic response - as in a cruise missile through the window.
Ransomware only really works due to the lack of diversity of operating systems and software. If individuals and businesses were all running different stuff it would be nearly impossible to target them en mass. You could only target them one at a time.
"These "investors," who have zero industry skills or expertise, take advantage of a [insert economic activity]-as-a-service (?aaS) model to gain sophisticated capabilities"<p>The type of billionaire individuals who by virtue of inheriting billions upon billions, don't ever have any real skills (nor the need to develop any) and yet, they live in societies (subcultures) which expect that they keep having (and making) billions upon billions.<p>Think of descendants of descendants of founders of what are now giant corporations.<p>They fund VC-backed startups, which they then own (by proxy). They can barely use an iPhone; let alone understand how it works or is made.<p>Except the business being funded is a criminal enterprise, maybe their riches originally come from "shadier" dealings?<p>My point is that the underlying principle is the same, it's a very powerful principle. This is how the market enables societies to build super complex stuff. The marketplace abstracts away the complexities. This 'principle' is a technology, it's ethically neutral.