As cybercrime tools become cheaper and easier to use, financial institutions in the UK are reportedly stockpiling reserves of cryptocurrency that can be used to pay off criminals who threaten to disrupt key computer networks.
Some major banks now take the position it is more effective to agree to the extortion demands of cybercriminals rather than risk a full-blown cyberattack, according to Dr Simon Moores, chairman of the e-Crime Congress and former technology ambassador for the UK government.
"Financial institutions are now exploring the need to maintain stocks of bitcoin in the unfortunate event that they themselves become the target of a high-intensity attack," he told The Guardian, adding: "The police will concede that they don't have the resources available to deal with this because of the significant growth in the number of attacks."
One of the most recent incidents was a distributed-denial-of-service (DDoS) attack against the US-based DNS provider Dyn.
The subsequent outage – since blamed on the notorious Mirai botnet - took out a slew of websites including Twitter, Reddit, Netflix, PayPal and Amazon Web Services (AWS).
The botnet, which infects Internet of Things (IoT) devices such as home internet routers and CCTV cameras, was exploited by an unknown cybercriminal to send waves of traffic towards the Dyn website servers, which hosted these major sites, and used to force the platform offline.
The same DDoS tactic – deployed on an unprecedented scale last month – was used to target security researcher and journalist Brian Krebs. Later, the source code for the malware was published online and has since been used as a basis for extortion demands.
On such threat, as published on the Web Hosting Talk forum, warned: "If you will not pay in time, DDoS attack will start, your web-services will go down permanently. After that, price to stop will be increased to 5 BTC with further increment of 5 BTC for every day of attack."
The weaponisation of hacking tools
This evolution, according to Moores, is the "weaponisation" of [hacking] tools. He said: "Big companies are now starting to worry that an attack is no longer an information security issue, it's a board and shareholder and customer confidence issue."
In 2016, the size of DDoS attacks in the wild have spiked – now reaching well over 600 gigabits of data a second being directed at a victims' server. Moores predicts the situation is getting out of control. "Once it goes above a terabit, that wipes out any protection," he said. "No current protection systems can deal with that sort of flood."
Alongside an alarming rise in ransomware attacks, the introduction of botnets enhanced by IoT devices – many of which remain easy to hack – now appears to be of major concern to financial institutions, all of which rely on online infrastructure to operate effectively.
Back in August, Marcin Kleczynski, chief executive of cybersecurity firm Malwarebytes, also said UK banks were hoarding Bitcoin as a method of paying extortion attempts. "I talked to a couple of banks and they say they have 50-100 bitcoin ready at all times in a wallet to deploy if a ransomware attack hits," he told Business Insider.