The Cryptocurrency Forensics Solution to OFAC’s $11.5 Billion Ransomware Conundrum

Figure 1: The International Economics of RaaS (Ransomware as a Service) by Industry. FireEye Mandiant, 2020

Cryptocurrency Forensics: A More Modern Approach

Figure 2: Average dwell time of ransomware bitcoin wallets: Locky, WannaCry and Ryuk.
Figure 3: Transaction In/Outflow of Ransomware Variants
Figure 4: In/Outflow Transactions — Ryuk (Hackers Active on UTC 14:00–23:00. Probably European.)
Figure 5: In/Outflow Transactions — Locky (Hackers active UTC 8:00–18:00. Probably European)
Figure 6: In/Outflow Transactions — WannaCry (Hackers active UTC 9:00–16:00. Probably Russian)
Figure 7: Heatmap of International Ryuk Ransomware Victims. Kaspersky, 2019
Figure 8: AI-powered Auto-trace of Ransomware Funds Flowing to Exchange

The Evolving Face of Ransomware

The diverse profiles of 3 ransomware families

Closing Remarks

  1. Utilization of cryptocurrency forensics as a powerful tool for hacker attribution.
  2. Preventive forensics, blocking ransomware payments to sanctioned individuals.
  3. AI/ML-powered intelligence empowering OFAC-compliant AML/CFT, enabling ransomware payments when possible.
  4. Comprehensive policy, education, and tech solutions to reduce long-term incidence of ransomware attacks.

AnChain.AI

Blockchain data analytics firm providing security, risk, and compliance solutions.