Hello,

We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not an Insider? Subscribe now for unlimited access to online articles.

Connectivity

Companies Are Stockpiling Bitcoin to Pay Off Cybercriminals

The rise of malware that holds data hostage has led companies to buy Bitcoin to use as ransom in case of an attack.

Digital currency Bitcoin is variously promoted as an alternative to gold, a good way to make international transfers, or the future of e-commerce. New research suggests that companies are now stockpiling Bitcoin for a different reason: so they can pay up quickly if their data is held ransom by malicious software.

Ransomware, as it is called, has locked up the data of huge numbers of individuals and businesses in recent years. Many of them, including police departments and hospitals, have opted to pay up to get their data back.

A small survey by corporate networking company Citrix indicates that some IT professionals are even stockpiling bitcoins so they can pay up quickly in the event ransomware strikes their network. Out of 250 IT and security workers at U.K. companies with more than 250 employees, a third said they were stockpiling the currency. A researcher at Cornell recently tweeted that the university’s treasurer created an account with the Bitcoin exchange Coinbase so as to be ready if ransomware struck.

Almost half of respondents in the Citrix survey said that company data was not backed up at least daily. Security experts advise that backups are the best defense against ransomware and generally discourage paying off ransomware, since it encourages the industry.

Holding Bitcoin in reserve could help a company without backups get back online faster. Most companies have no reason to have a Bitcoin account otherwise. Having one ready to go could save precious time during which a company can’t operate as normal.

Just how many companies are setting aside ransom money in advance is probably hard to know because it’s something they may be loath to advertise. Acknowledging that you are ready to pay—and perhaps don’t have a good backup system—could attract the attacks this policy is designed to handle.

(Read more: “With Hospital Ransomware Infections, the Patients Are at Risk,” “Holding Data Hostage: the Perfect Internet Crime”)

Become an MIT Technology Review Insider for in-depth analysis and unparalleled perspective.

Subscribe today

Uh oh–you've read all of your free articles for this month.

Insider Premium
$179.95/yr US PRICE

More from Connectivity

What it means to be constantly connected with each other and vast sources of information.

Want more award-winning journalism? Subscribe to Insider Plus.
  • Insider Plus {! insider.prices.plus !}*

    {! insider.display.menuOptionsLabel !}

    Everything included in Insider Basic, plus the digital magazine, extensive archive, ad-free web experience, and discounts to partner offerings and MIT Technology Review events.

    See details+

    What's Included

    Unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

    Bimonthly print magazine (6 issues per year)

    Bimonthly digital/PDF edition

    Access to the magazine PDF archive—thousands of articles going back to 1899 at your fingertips

    Special interest publications

    Discount to MIT Technology Review events

    Special discounts to select partner offerings

    Ad-free web experience

/
You've read all of your free articles this month. This is your last free article this month. You've read of free articles this month. or  for unlimited online access.