Digital coin exchanges, popular with consumers for speculating on cryptocurrencies, can also serve as a means for criminals to launder Bitcoin payments into other untraceable assets.
Ransomware payments increased from $400m in the whole of 2020 to $600m in the first half of this year, according to US officials. However, this is thought to be far short of the true total, with few reporting requirements for companies hit by such attacks.
In September, the US President Joe Biden began a crackdown on suspicious cryptocurrency exchanges accused of enabling ransomware gangs to exchange their gains, issuing sanctions against a Russian digital coin exchange.
In an interview with The Daily Telegraph, Mr Hannigan added that the risk of ransomware attacks remained high due to a failure by many businesses to “get the basics right”.
He said: “If you look at recent attacks, most have been delivered through flaws, human weakness and problems we have been talking about for 15 years.
“We say a lot of the time that nation state attacks are ‘sophisticated’ – of course they are, but they very often get in through the same things like poor authentication, passwords, failure to use two-factor authentication, IT hygiene, failure to patch.”
The Government is planning to tighten up rules around cyber security for businesses, banning default passwords on products and creating a public reporting system for flaws found in consumer devices. Companies could face fines of up to £10m for basic cyber failures.
In a report, Bluevoyant said some of the biggest hacking risks came from “third-party” sources. Companies often plug-in off-the-shelf software into their systems with little vetting. Bluevoyant said that 39pc of businesses had no way of identifying these risks.