About 2000 years ago, during the Han Dynasty, China made peace with a few nomads in Central Asia who were constantly searching the merchants on the Silk Road for easy money. This was done in order to establish a full Silk Road trade route that stretched from China to Europe and secured great wealth from the luxury goods trade.

As trade increasingly shifts to the digital realm during the global COVID-19 pandemic, cyber attackers are taking advantage of companies’ lax cyber security measures. They use ransomware to lock the data of these organizations using encryption until a ransom payment is made in cryptocurrency. In 2019, 98% of ransomware payments were made in Bitcoin (BTC).

Connected: Unlike before: Digital currency starts amid COVID-19

Anne Neuberger, US Deputy National Security Adviser for Cyberspace and Emerging Technologies, explains:

“The number and magnitude of ransomware incidents have increased dramatically. […] The U.S. government is working with countries around the world to hold ransomware agents and the countries that host them accountable, but we cannot fight the ransomware threat alone. The private sector has the primary and clear responsibility ”.

President Joe Biden’s administration is working to treat cyberattacks – valued at $ 1 trillion a year, often in the form of ransomware – as a national security threat. Intelligence agencies have concluded they pose a major threat to the country as the gasoline, food and hospital systems are at risk.

Recently, the US Department of Justice seized 63.7 BTC (valued at about $ 2.3 million at the time), which is the proceeds of a ransom payment from Colonial Pipeline to a group called “DarkSide”. It did so through a coordinated effort with the DoJ’s Ransomware and Digital Extortion Task Force, which is working with government agencies at home and abroad, as well as with partners from the private sector, to counter this sizeable criminal threat.

Connected: Task Force Cybercrime oversees the global digital financial system

Lisa Monaco, Assistant Attorney General for the DoJ, stated, “Money tracking remains one of the most basic but powerful tools we have.” She continued:

“Ransom payments are the fuel that powers digital extortion and [..] The United States will use all available tools to make these attacks more costly and less profitable for criminal companies. “

Paul Abbate, assistant director of the Federal Bureau of Investigation added:

“We will continue to use all of our available resources and our national and international partnerships to prevent ransomware attacks and to protect our private sector partners as well as our partners such as the American public.”

US Tax Impact on Crypto Ransom Payments

One question is whether ransomware payments can be considered a “common and necessary” business expense and deducted from taxable income as theft loss under sections 162 (a) and 165 (a) of the Internal Revenue Code, which provides the right to deduct damage that are not covered by insurance or otherwise. There are several administrative and judicial definitions of theft, and the Internal Revenue Service’s definition seems broad enough to include a cyberattack and make cryptocurrency ransomware payments deductible as business expenses for federal tax purposes.

However, if a cryptocurrency ransom payment under Section 162 (c) constitutes an illegal bribe, kickback, extortion or other illegal payment – such as a payment to a group classified as a terrorist organization under US law – is not taxable deductible. Therefore, taxpayers should distinguish illegal payments from ransomware payments by highlighting property theft. When paying ransomware requests in crypto to cyber criminals with known links to a sanctioned or ostracized foreign government, questions about possible legitimacy may arise.

Connected: Compliance with the sanctions for fiat and crypto transactions is the same:

Here is an example from Elliptic co-founder and chief scientist Tom Robinson: “Elliptic was the first to identify a bitcoin wallet that was used by the DarkSide ransomware group to receive a ransom payment of 75 bitcoins from the Colonial Pipeline. […] Dark side [which is believed to be based in Eastern Europe] is an example of “Ransomware as a Service” (RaaS). In this operating model, the malware is created by the ransomware developer, while the ransomware partner is responsible for infecting the target computer system and negotiating the ransom payment with the victim organization. This new business model has sparked a ransomware revolution that is opening up to those who do not have the technical ability to create malware but are willing and able to infiltrate a target organization. “

Ransomware attackers can even give a damaged company a discount if they pass the infection on to other companies. These ransom payments in BTC are then laundered in dark web markets, according to a report released by Flashpoint and Chainalysis.

All cryptocurrency ransom payments are taxed as property, not currency. Taxpayers are therefore required to keep detailed records of these cryptocurrency ransom payments, report profits, and report the fair market value of each cryptocurrency on their tax returns.

In addition, the Financial Crimes Enforcement Network or FinCEN also regulates cryptocurrency-related transactions under the Bank Secrecy Act (BSA) by stating that “Administrators or exchangers (1) accept and transfer convertible virtual currencies, or (2) buy or sell convertible virtual currencies “. Currency, for whatever reason, is a money generator ”.

As a result, according to the BSA, it is mandatory for issuers of cryptocurrencies to conduct a risk assessment, develop a written program to prevent money laundering, appoint a personal compliance officer and take action.

Connected: US updates AML / CFT law on cryptocurrencies

It should be noted that those involved in greed and other scams under the Bitcoin ransom money system may be prosecuted and risk fraud / tax evasion. For example, John McAfee, the founder of the antivirus company of the same name, was recently indicted in the United States for several tax offenses related to this person’s cryptocurrency transactions and will face years of imprisonment if convicted. This could have been a factor in his decision to commit suicide in a Spanish prison after a court ruled that he could be extradited to the United States.

Connected: John McAfee’s suicide reports arouse skepticism and spark conspiracy theories

Conclusion

In a speech to the Senate Appropriations Committee, FBI Director Christopher Wray advised ransomware victims not to pay ransom to get compromised data back or regain network access. “In general, we would advise against paying the ransom because it encourages more of these attacks, and to be honest there is no guarantee that you will get your data back,” he said. , added, “We have to make it harder, and it is more painful for hackers and criminals to do what they do.”

“We took more than 1,100 actions against our cyber adversaries over the past year, including arrests, criminal charges, convictions, destruction and disruption, and many more through our dedicated partnerships with the private sector, overseas partners, and federal, state and local authorities enables. “