Any ransom payments made in cryptocurrency are taxed as property rather than currency, so be aware of the U.S. tax implications.To get more news
about
ONT, you can visit wikibit.com official website.
Now, as trade increasingly has shifted to the digital realm during the
global COVID-19 pandemic, cyberattackers are taking advantage of
organizations‘ lax cybersecurity measures. They are using ransomware to
lock these organizations’ data with encryption until a ransom payment in
cryptocurrency is made. Back in 2019, 98% of ransomware payments were
made in Bitcoin (BTC).
Anne Neuberger, United States deputy national security adviser for cyber and emerging technology, explained:
“The number and size of ransomware incidents have increased
significantly. [...] The U.S. government is working with countries
around the world to hold ransomware actors and the countries who harbor
them accountable, but we cannot fight the threat posed by ransomware
alone. The private sector has a distinct and key responsibility.”
The administration of President Joe Biden is moving to treat
cyberattacks — which are estimated to cost $1 trillion a year and often
take the form of ransomware — as a national security threat.
Intelligence agencies have concluded that they pose an elevated threat
to the country, with gasoline, food supplies and hospital systems at
risk.
Recently, the U.S. Department of Justice seized 63.7 BTC (worth
approximately $2.3 million at the time) representing the proceeds of a
ransom payment made by Colonial Pipeline to the group known as
“DarkSide.” It did so via a coordinated effort with the DoJs Ransomware
and Digital Extortion Task Force, which collaborates with domestic and
foreign government agencies in addition to private-sector partners to
combat this significant criminal threat.
Lisa Monaco, the DoJ's deputy attorney general, noted: “Following the
money remains one of the most basic, yet powerful tools we have.” She
continued:
“Ransom payments are the fuel that propels the digital extortion
engine, and [..] the United States will use all available tools to make
these attacks more costly and less profitable for criminal enterprises.”
Paul Abbate, deputy director of the Federal Bureau of Investigation, added:
“We will continue to use all of our available resources and leverage
our domestic and international partnerships to disrupt ransomware
attacks and protect our private sector partners and the American
public.”
U.S. tax implications of ransom payments in cryptocurrencies
One question is whether ransomware payments can be considered an
“ordinary and necessary” cost of doing business and be deducted from
taxable income as a theft loss under Sections 162(a) and 165(a) of the
Internal Revenue Code, which provides the authority to deduct any losses
that were not covered by insurance or some other means. There are
several judicial and administrative definitions of theft, and the
Internal Revenue Services definition seems broad enough to encompass a
cyberattack and allow for ransomware payments made in cryptocurrency to
be deducted as a business expense for federal tax purposes.
However, under Section 162(c), if the ransom payment in cryptocurrency
constitutes an illegal bribe, illegal kickback, blackmail payment or
other illegal payment — such as one made to a group classified as a
terror organization under any U.S. law — it would not be tax-deductible.
Thus, a taxpayer should distinguish illicit payments from ransomware
cryptocurrency payments by highlighting the theft of property. Questions
of illegality may arise when paying a ransomware demand in
cryptocurrency to a cybercriminal with a known connection to a
sanctioned or boycotted foreign government.
Here is an example, provided by Elliptic co-founder and chief
scientist Tom Robinson: “Elliptic was first to identify the Bitcoin
wallet used by the DarkSide ransomware group to receive a 75 Bitcoin
ransom payment from Colonial Pipeline. [...] DarkSide [which is believed
to be based in Eastern Europe] is an example of ‘Ransomware as a
Service’ (RaaS). In this operating model, the malware is created by the
ransomware developer, while the ransomware affiliate is responsible for
infecting the target computer system and negotiating the ransom payment
with the victim organisation. This new business model has revolutionised
ransomware, opening it up to those who do not have the technical
capability to create malware, but are willing and able to infiltrate a
target organisation.”
Ransomware attackers may even offer a victim company a discount if it
transmits the infection to other companies. These ransom payments in BTC
are then laundered on dark web markets, according to a report issued by
Flashpoint and Chainalysis.
Any ransom payment made in cryptocurrency is taxed as property rather
than currency. Therefore, taxpayers are expected to keep detailed
records of these ransom payment cryptocurrency transactions, report any
gains and report the fair market value of any mined cryptocurrency on
their tax returns as well.
