Is Cryptocurrency What Makes Ransomware Possible?

The story about Baltimore's entire municipal IT system being held hostage by ransomware has two angles that might be of interest to Slips readers. 

First, among the services that are affected is the city's lien recordation system (the city is treated as a county; confusingly there is a separate Baltimore county). That means you can't readily get a lien search, and that's gumming up property transactions.  To me this underscores the risk of electronic property records. They are vulnerable to disruption in a way paper is not. One has to worry about fire and water with paper, but we know how to deal with those risks pretty well. Electronic systems are vulnerable in other ways.  Indeed, if a system can be taken hostage, what prevents data from being altered without Baltimore's knowledge?  I don't want to be a Luddite here, but the convenience of electronic systems comes with some scary risks. 

Second, the payment demanded is in Bitcoins. Ransomware seems very dependent upon cryptocurrencies (particularly Bitcoin). Did ransomware even exist before Bitcoin? (That's a serious question. Maybe someone knows.) The only reason to take data hostage is to get paid. But payment is the dangerous moment for the hostage-taker:  if the payment can be traced to the hostage-taker, the long arm of the law can likely get him too.  This means that a bank-based payment system doesn't work well for the ransomware model. Banks are required to "know their customer," and while false fronts can be used that still creates a possible route for law enforcement, as the beard may know who hired him, etc.  Prepaid cards and cash present similar problems because they have to be physically delivered.  But crypto, ah, crypto seems perfectly made for ransomware, particularly when the hostage takers are overseas.     

If I'm right about this, it leaves me wondering first, why there isn't much more stringent regulation of crypto-currency markets for AML? Not all the players can base themselves off-shore. Even if an exchange is in Ruritania, US consumers need to have a wallet provider. Someone's going to be doing business in the US and using a US bank. If the US can squeeze state actors with its AML regime, why can't it similarly squeeze crypto markets into compliance?   

Second, is there any positive social value to crypto currencies? They seem to be used primarily for two purposes:  money-laundering (I'm including ransom payments in this bucket) and speculation.  Other than the occasional odd case, they aren't being used to hedge, for payments, or for any other socially beneficial purpose that I can tell. Maybe I have this wrong, but I'm having trouble seeing why crypto currencies should be tolerated by the law.