Here’s how these attacks work. A hacker penetrates a company’s systems—an often easy task, given many firms’ shoddy cybersecurity practices. The hacker uses ransomware to encrypt the company’s data, making it inaccessible to anyone who doesn’t have the requisite password, and then demands payment in Bitcoin or another digital currency. The victim can open an account on a cryptocurrency exchange, buy Bitcoin, send it to the hacker’s wallet address, and the hacker will then decrypt the victim’s data. Life can then go back to normal, save the embarrassment and damages suffered by the victim’s business—and anyone who depended on it. As for the hacker, they can launder their proceeds by using various exchanges and payment processors that shuffle the cryptocurrency around before issuing the same amount of currency in a new wallet, without a payment trail.
In some cases, it’s even easier. DarkSide, whose inner workings were just exposed in a New York Times article, offers what might be called “ransomware as a service.” DarkSide develops the software and facilitates the attacks on behalf of clients—it even offers customer support—and all share in the proceeds. A person only needs a target and a little startup capital.
The rejoinder one hears from crypto supporters, often called “coiners,” is that fiat money, like the dollar, is used for crime and corruption all the time. That’s undoubtedly true, but it’s also a red herring: Cryptocurrency’s main practical use, one could argue, is to facilitate crime and off-the-books financial transactions. That is not the case with the dollar, which is government-backed and sustains trillions in commerce every day. The dollar is imperfect, but it has widespread use, relative stability, and a robust, if insufficient, regulatory structure. Your bank account is even insured by the federal government—a far better arrangement than trading on a shady cryptocurrency exchange.
