British firms are stockpiling cryptocurrencies including bitcoin and ethereum so they can pay off hackers in the event of a ransomware or malware attack, experts have revealed.
Cyberattacks that lock down computer files in exchange for money have become increasingly common – and digital crooks almost always demand payment be made in cryptocurrency. Following major outbreaks in 2017, it appears UK businesses are now preparing for the worst.
"Companies are definitely stockpiling bitcoin in order to be prepared to pay ransoms," Paul Taylor, former Ministry of Defence cyber chief, told The Telegraph.
Taylor, who now works for KPMG, said that employees of some British firms – which he did not name – are being told to open digital wallets and keep a close eye on the prices of cryptocurrencies, which change daily.
One cryptocurrency, called bitcoin, recorded an unprecedented spike in value over the past 12 months.
"Some are saying 'if bitcoin is going to go up, we had better buy some now, whilst it is not so pricey'," he told The Telegraph. "Some are looking into ethereum because it's cheaper."
Security experts have long warned business owners against paying the ransom demands of criminal hackers, arguing that doing so only fuels the underground economy. UK police have complained that bosses are still reluctant to come to them for advice following an attack.
It appears that, to some CEOs, paying up is simply easier than having to report to the UK's data breach watchdog, the Information Commissioner's Office (ICO). But as evidenced by Uber, which attempted to keep a cyberattack under the radar, this approach can backfire.
"[Storing cryptocurrency] is not something that organisations have publicly confirmed, because it says 'we are willing to pay criminals in the event we are hit by ransomware'," said Raj Samani, security expert at McAfee. "However, it is certainly a practice we are aware is being done."
Earlier this year, a massive ransomware outbreak hit computers around the world. Known as "WannaCry", it demanded money from victims to restore access to sensitive networks. A few months prior, ransomware locked down critical systems in a large US hospital.
And it seems that businesses are not the only entities fearing the consequences of cybercrime. As previously reported, UK banks have also looked into stockpiling bitcoin.
"Institutions are now exploring the need to maintain stocks of bitcoin in the unfortunate event that they themselves become the target of a high-intensity attack," said Dr Simon Moores, former tech ambassador for the UK government, in October last year.
"The police will concede that they don't have the resources available to deal with this because of the significant growth in the number of attacks," he added.
In August 2016, Marcin Kleczynski, CEO of security firm Malwarebytes, also said UK banks were hoarding bitcoin as a means of paying off extortion attempts. "I talked to a couple of banks and they say they have 50-100 bitcoin ready at all times in a wallet to deploy if a ransomware attack hits," he told Business Insider at the time.
Experts in the field have told IBTimes UK that any firm hit with ransomware should contact the No More Ransom campaign, which in many cases can help to decrypt locked computer files.
"My recommendation would be to not pay at all, as you would quite simply be funding criminal behaviour," Mark James, security expert at ESET, told this publication last year.
He added: "Making sure your applications, operating system and security software is up to date and making sure you backup regularly is the best defence against this type of behaviour. Backup options these days are so cheap it really is a no brainer, do not pay."