WannaCry Ransomware Attack: Hackers Raised $50,000 In Bitcoins, Now What?

The largest ransomware cyberattack in history started infecting computers around the world last Friday. CNN reported the WannaCry virus infected more than 200,000 machines by Monday morning, including hospitals, universities and government agencies from the United Kingdom National Health Services to the Russian Central Bank and even Indian police systems in the state of Andhra Pradesh. The hackers demanded a $300 bitcoin ransom from each victim within 72 hours, or the data ransom price would rise and the computers would be locked permanently.

Yet by Monday morning, the London-based bitcoin tracking experts at Elliptic Enterprises Ltd. found only about $50,000 worth of bitcoin ransoms were paid, Bloomberg reported.

“The sheer magnitude and scale of this was unlike anything we’ve ever seen,” Gabriella Coleman, author of Coding Freedom: The Ethics & Aesthetics of Hacking, told International Business Times. As law enforcement agencies scramble to apprehend the unidentified culprit, the cyberattack has already started to change the way people think about cryptocurrency.

Read: Telefonica WannaCry Ransomware: One Of Spain's Largest Telecom Companies Hit By Cyberattack

Right now, bitcoin is the currency of choice for ransomware hackers worldwide. But the recent attack showed it may not be the most profitable medium. “Not everyone is familiar with how bitcoin operates,” Coleman said, explaining that confusion about cryptocurrency probably discouraged victims from paying the bitcoin ransom. Despite bitcoin's outdated criminal reputation, the U.S. Treasury Department's Financial Crimes Enforcement Network now monitors bitcoin transfers and exchanges.

"In the U.S., every major bitcoin exchange is regulated by FINCEN," Peter Van Valkenburgh, director of Research at the Coin Center, told IBT. "Right now the $50,000 extorted from victims is just sitting on the bitcoin network. ... That [exchange into local currency] is where you're vulnerable to being identified."

Coleman said it’s quite likely U.K. and U.S. law enforcement agencies will be able to track down the attacker even if the culprit doesn't exchange the extorted bitcoins for dollars. Researchers at the University of Luxembourg have already published methods to deanonymize bitcoin transactions. If authorities are able to find the user’s bitcoin address, like FBI agents did when they arrested Silk Road operator Ross Ulbricht and confiscated his laptop, that bitcoin address can be used to track the individual’s transactions.

“As there’s more regulation with bitcoin, and people realize it’s not as anonymous as they thought,” Coleman said. “Some of these alternatives like zcash will start to be more popular.”

Read: NSA Hacking Tools Used In WannaCry Global Ransomware Attack Targeting Hospitals, Banks And Tech Companies

Some hackers, both activists and criminals, already have started to prefer smaller, less traceable cryptocurrencies like zcash. “This [zcash] brings back a little bit of that privacy that computers have taken away from us,” Matthew Green, the Johns Hopkins professor who developed zcash along with his graduate students in 2013, told the New York Times. “This technology gives us a defense against something that until now we have been defenseless against.”

This international cyberattack may end up inadvertently proving how transparent and efficient bitcoin is for complex, global transactions. "This is actually a very real proof that it works and is efficient," Van Valkenburgh said. "It's unfortunate that it came up in this context. ... It's not really a particularly private way to transact on the internet. It is very amenable to data analysis."

Generally speaking, media coverage of the bitcoin ransom demands could actually spur more mainstream adoption of the cryptocurrency. “It will fuel interest in bitcoin,” Coleman said. The value of bitcoin continues to rise as the hunt for the Wannacry ransomware hackers continues. "China is already taking a stronger hand, the European Union is looking into the same type of anti-fraud regulation," Van Valkenburgh said. "This may speed that along."