A rise in the popularity of cryptocurrency-based crime, doubled with a lack of regulation, has paved the way for cybercriminals to extort vast amounts of money from legitimate organizations.

These payouts have produced a sophistication around nonstate-sponsored threat actors, as they now have the funds to expand their operations and capabilities.

Security researchers estimated that the infamous Conti ransomware gang’s revenue has surpassed $2 billion — most of which involved cryptocurrencies. Its success has seen the group grow, so much that it essentially has an HR department to serve and train employees. It even pays employees and associates in digital currencies.

Defending an organization from attacks is an endless game of cat and mouse, as threat actors only need to be right once, but defenders must always be right. When it comes to cryptocurrencies, however, the game is more nuanced than it sounds. To understand the situation, let’s look at how cryptocurrencies enable both attackers and defenders.