Would making cryptocurrency illegal prevent ransomware attacks

grassylawn · 20-05-2021 10:59am #1

Or reduce them? My understanding is that cryptocurrency is a major facilitating factor?

Tazium · 21-05-2021 9:24am

Don't believe so, threat actors would move to other models or even brokers. Making something illegal here doesn't mean it's illegal in other countries. It's a challenge.

grassylawn · 21-05-2021 11:10am

Tazium wrote: »

Don't believe so, threat actors would move to other models or even brokers. Making something illegal here doesn't mean it's illegal in other countries. It's a challenge.

I meant if was made universally illegal. I'm thinking in purely hypothetical terms, not saying that is necessarily a realistic proposition.

hmmm · 21-05-2021 5:52pm

I think so (hypothetically). Before cryptocurrencies there was no way for attackers to easily obtain large sums in a relatively anonymous manner.

There have been attacks in the past against banks where large sums were transferred, but it required a sophisticated back-end operation to quickly distribute and launder the proceeds. These days an insurance company can pay out $40m in bitcoin and it just disappears into the blockchain.

I'm expecting regulation will choke this over the next few years, but it doesn't help us now.

AndrewJRenko · 23-05-2021 1:22am

hmmm wrote: »

I think so (hypothetically). Before cryptocurrencies there was no way for attackers to easily obtain large sums in a relatively anonymous manner.

There have been attacks in the past against banks where large sums were transferred, but it required a sophisticated back-end operation to quickly distribute and launder the proceeds. These days an insurance company can pay out $40m in bitcoin and it just disappears into the blockchain.

I'm expecting regulation will choke this over the next few years, but it doesn't help us now.

A more likely scenario would be to make it illegal for insurance companies to pay ransoms, as France has done.

horgan_p · 23-05-2021 12:13pm

It wouldn't work.

Similar to making knives illegal to cut out stabbings.
Making things "illegal" on the internet just isn't possible.
That isn't how the internet works.

Impetus · 04-07-2021 3:02pm

Life would not exist without payment methods. Go back to barter? And even then if you bartered a lump of gold for a software package which contained malware, the payment method would not remove the malware problem.

In physical goods, I couldn't make an electric car window, which might slice the arm off somebody who puts their arm out of the car window. If I tried, I'd be put out of business in the morning by law etc.

Software companies are allowed to use exclusion clauses in licence agreements.

Even in dumb 'common law' (mainly English speaking) countries there are 'fitness for purpose' and 'merchantable quality' clauses in law, which can't be avoided in small print in the case of sale of goods.

In civil law countries (which is most of the non Anglo-Saxon world), if a doctor gives you a script for a 5mg pill, and it should have been a 10mg version of the drug, s/he can on conviction go to jail, if you suffer as a result of the script error.

Liability exclusion clauses need to be removed from license agreements by law to force software and online vendors from being negligent (and getting away with it) in terms of development or non creation of a 'fix platform' that works for their offering for a specified duration of lifetime of the product. In the EU if you sell packaged food, one must specify a shelf life expiry date. Software needs an obligatory legally defined expiry date for support of the product version.

So malware con artists can exist, but if I click on a link in MS word (or otherwise) the Word app / operating system should block any damage - or else Microsoft etc should be legally liable for the damage caused.

grassylawn · 04-07-2021 6:25pm

Impetus wrote: »

Life would not exist without payment methods. Go back to barter? And even then if you bartered a lump of gold for a software package which contained malware, the payment method would not remove the malware problem.

In physical goods, I couldn't make an electric car window, which might slice the arm off somebody who puts their arm out of the car window. If I tried, I'd be put out of business in the morning by law etc.

Software companies are allowed to use exclusion clauses in licence agreements.

Even in dumb 'common law' (mainly English speaking) countries there are 'fitness for purpose' and 'merchantable quality' clauses in law, which can't be avoided in small print in the case of sale of goods.

In civil law countries (which is most of the non Anglo-Saxon world), if a doctor gives you a script for a 5mg pill, and it should have been a 10mg version of the drug, s/he can on conviction go to jail, if you suffer as a result of the script error.

Liability exclusion clauses need to be removed from license agreements by law to force software and online vendors from being negligent (and getting away with it) in terms of development or non creation of a 'fix platform' that works for their offering for a specified duration of lifetime of the product. In the EU if you sell packaged food, one must specify a shelf life expiry date. Software needs an obligatory legally defined expiry date for support of the product version.

So malware con artists can exist, but if I click on a link in MS word (or otherwise) the Word app / operating system should block any damage - or else Microsoft etc should be legally liable for the damage caused.

Microsoft do give formal end of life dates for products. Sometimes they offer to continue supporting it for a defined period beyond that for a fee.

I wasn't thinking in terms of cryptocurrency being used as a delivery mechanism for malware. (I'm not aware that it can be?) I mean that it reduces the risk for ransomware attackers as it allows them to collect payment while remaining anonymous.

Doctors need to attain licences to practice off the back of lengthy study. They don't generally need to worry about people going around actively trying to make their patients/customers sick. Therefore I don't think it is a good frame of reference for thinking about this.

Impetus · 04-07-2021 8:00pm

Big software/big data = mafiosi. Supported by (mainly) corrupt politicians globally.

AndrewJRenko · 04-07-2021 9:38pm

grassylawn wrote: »

Doctors need to attain licences to practice off the back of lengthy study. They don't generally need to worry about people going around actively trying to make their patients/customers sick. Therefore I don't think it is a good frame of reference for thinking about this.

Actually, there are many businesses going around actively selling products that will generally make their customers sick - soft drinks, alcohol, cars, cigarettes and more.

Impetus · 04-07-2021 10:38pm

AndrewJRenko wrote: »

Actually, there are many businesses going around actively selling products that will generally make their customers sick - soft drinks, alcohol, cars, cigarettes and more.

Agreed. Much of which are 'made' in Ireland.

Would making cryptocurrency illegal prevent ransomware attacks

Comments