Cryptocurrency values have risen and fallen in spectacular fashion over the last year and while financial watchdogs are looking to tighten the regulatory grip on how cryptocurrency trading operates, some traders have already profited from the volatility in the new currencies – and they’re not the only ones. Below Martin Voorzanger, EclecticIQ, explains for Finance Monthly how criminals are making the most of the current crypto sphere.
Another group making profits from the turbulent cryptocurrency market is cybercriminals. In fact, last year there was a marked increase in cryptomalware reports and breaches of crypto exchanges and it’s clear that 2018 will be no different. After all, where there is money, there is crime.
The future ‘bank job’
In some cases, criminals are adapting tried and tested cybercrime techniques – such as hacking email accounts, social engineering and spoofing emails – to prise digital coins out of the hands of those that own them.
For example, in late 2017, criminals pulled off the classic bank heist – with a twist. Making off with approximately 4,700 Bitcoins (valued at the time as $70m) in a raid on digital currency exchange, NiceHash, hackers gained access to the company’s payment services through an employee’s PC. The organisation described the attack as “sophisticated social engineering”.
Hackers found a similar route into Bithumb – South Korea’s biggest cryptocurrency exchange – earlier in 2017. Again, the weak link was an employee – and this time it was their home computer which was compromised. While, in this case, no currency was stolen, a vast amount of personal computer data was. Despite Bithumb suffering no real, initial monetary loss, the theft of sensitive personal data can actually be even more damaging to a business. In this instance, Bithumb stated that no passwords were stolen, but customers reported receiving calls and emails that scammed them out of funds, ultimately resulting in financial loss for Bithumb and potentially an irreversibly damaged reputation.
While, bitcoin and other cryptocurrencies may have been designed with security in mind through the blockchain platform, to keep their crypto assets and data safe, organisations can’t rely on this alone. Yes, blockchain is notoriously difficult to tamper with, however opportunist criminals have found something much easier to compromise – the computers and employees within exchanges.
It is for this reason that organisations must exercise more caution and ensure all security technology and practices are fit for purpose. Good security hygiene should always be front of mind in finance matters – whether it’s around cryptocurrency or not.
A new kind of ‘botnet’
Potentially more worrying than these older, but still successful, cybercrime tactics, is when criminals start to adapt new techniques specifically with the intention of defrauding holders of crypto assets. One of the methods that is becoming popular with criminals in a bid to exploit digital currencies is cryptojacking – where cybercriminals take over employees’ computers to secretly mine cryptocurrency. While the method itself has been around for some time, the surge in the value of cryptocurrencies means mining coins has become an incredibly enticing prospect for criminals. And although each infected device can only mine a small amount of value, criminals are collecting enough machines to create data-mining ‘botnets’ which collectively, can deliver a large profit.
While cryptojacking in itself may not carry the destructive payload of ransomware or other malware, it still represents a device compromise and one which, at best, affects the performance and longevity of devices and, at worst, provides an open doorway for more destructive threats, such as ransomware.
Furthermore, it’s not just the cryptocurrencies themselves that are under threat of attack. Worryingly, earlier this year, security firm Radiflow reported that a European water provider had been compromised. This attack represented the first public discovery of cryptocurrency mining malware in the systems of a critical national infrastructure organisation proving that criminals are no longer just after currency – they want power.
The threat to cryptocurrencies is real and growing – whether the end game of the criminals is financial gain or to disrupt critical infrastructures. Indeed, Microsoft warned earlier this year that it has seen a surge in currency-mining malware infecting Windows PCs in enterprises around the world. The company believes this could be the work of external criminals or, equally, insiders with access to company systems.
Ultimately, while cryptocurrencies themselves are secure, the exchanges and the systems that surround them are not. Humans remain the weakest link – whether intentionally or not – criminals continue to use the same tried and tested vectors of attack and humans are still just as vulnerable to being conned or manipulated by social engineering.
One thing is for certain though – cybercrime activities in this area will not decrease anytime soon. Organisations need to make sure they have the correct security measures in place, including ensuring that employees understand the threats associated with social engineering, to best protect against this new kind of threat.