Hackers demand payment in crypto, participate in scams that lead to crypto theft directly, or target crypto trading companies.

What can individuals and businesses do to protect their crypto assets?

Here, we’ll go over some of the most prominent cyberattack techniques targeted at crypto that every user and company should know about in 2023, and what you can do about them.

Crypto Scams to Watch Out For

As an individual with funds in crypto, you’re likely to encounter fraudulent investment schemes, giveaways, phishing attacks, and more.

At the heart of most investment scams is the promise of incredible financial gain if you send the person in question a certain amount in crypto.

While most phishing attempts happen via email, there are also instances of SMS phishing. For example, the recent data breach at the crypto trader Coinbase started with SMS phishing.

An employee received an SMS that urged them to click on a link and log in using their credentials. With that action, cybercriminals were given all the data they needed to gain illicit access to the company’s systems.

Solution: Work on Your Personal Cybersecurity Hygiene

Individuals looking to avoid scams and subsequent crypto theft should:

● Steer clear of crypto giveaways

● Update passwords regularly

● Avoid linking traditional bank and crypto accounts

● Know the signs of a scam message: time pressure and big promises that sound too good to be true are often just that

● Avoid clicking any links that lead to a login page

● Never disclose your key, even if the request seems to be coming from the legitimate trader

Extortion and Ransom in the Name of Crypto

Since the majority of cybercrime is financially motivated, it’s common for criminals to demand crypto (which is more difficult to trace) during ransom and extortion attempts.

For example, it recently came to light that an Australian citizen attempted to extort an unnamed emergency service for $5 million worth of crypto by threatening to start a bushfire. The service didn’t meet his demands, and the man was charged as a result.

Ransomware cases (in which cyber criminals lock documents and demand ransom in crypto in exchange for access to files) are on the rise and are putting affected users and businesses in a difficult situation.

Many businesses have paid a ransom to get back access to important files.

Solution: Don’t Give In to the Hacker’s Demands

We understand that this is easier said than done — especially when you’re locked out of your entire infrastructure or don’t have access to sensitive files following ransomware.

While in many countries it’s not illegal to pay up to hackers demanding ransom, this decision can:

● Backfire once the public finds out that you’ve paid the ransom — thus affecting your reputation

● Give criminals monetary funds for further activity — they can do the same to someone else or threaten you again

● Go wrong since there is no guarantee that the hacker will give you access to your system

Zero-Day Threats Going After Crypto Companies

Now, we’re in the territory of more sophisticated hacking attempts. In cybersecurity, “zero-day” refers to weaknesses or flaws in the system that IT teams haven’t yet discovered.

A company with critical flaws that aren’t patched is open to exploitation.

For example, a trojan dubbed Parallax RAT has been discovered recently. Its main target is cryptocurrency firms.

As with any other trojan malware, this one hides in different documents to sneak in the “gift horse” to targeted devices. This malicious software (AKA malware) can record keystrokes and take screenshots.

This means that it can remember the password and username that a victim types in, as well as the key used for the account.

Solution: Robust Security For Crypto Companies

Users don’t have a lot of power when it comes to fighting such advanced attacks. Crypto trading companies are responsible for securing assets as well as protecting their clients.

What can you do?

Be careful when you choose a crypto company. Check if they’re reputable and whether they’ve already experienced major cybersecurity incidents in the past. Pay attention to how they resolved the issue and communicated with the public about the data breach.

Advanced black hat (illegal) hackers and hacking groups typically go after companies that already have strong security, multiple solutions, and teams to manage it. But can they handle more sophisticated techniques such as Parallax RAT?

How can businesses prepare? Start with:

● Setting up layered security

● Testing the existing security solutions

● Strengthening the security daily

A data breach that compromises crypto wallets could be prevented if the company has multiple security points and protocols that cover the complete attack surface (any software and device that could be attacked).

Besides setting up a strong defense strategy, it’s vital to continually improve it with tools such as automated breach and attack simulation that test the security an organization has in real-time.

The tool then updates the findings on the dashboard, guiding the teams to uncover and patch critical weaknesses.

This AI-based testing solution is also paired with the MITRE ATT&CK Framework, the knowledge base that lists the latest hacking tactics and techniques, all the while offering solutions on how to fix the issue at hand.

Final Two Crypto Cents

Today, cryptocurrency firms are up against more damaging and dangerous threats than ever before — from new versions of viruses that can get into the system undetected to persistent phishing attacks.

However, the method on which hackers rely the most is social engineering. Phishing is also the technique that individual users can do the most about.

On a personal level, learning how to recognize scam emails, avoiding links designed to collect your sensitive data, and choosing a trusted crypto entity can save you a lot of money in the long run.

There is a rush to improve speed, convenience and user experience in financial interactions, but at what cost to security?

 

While for the most part bankers are positive about their ability to improve their financial performance in 2018 and beyond, evolving risks – particularly cyber risk – are no doubt preoccupying their thoughts.  A recent report by professional services firm, EY, puts cybersecurity as the number one priority for banks in the coming year, and it comes as no surprise, especially with Britain’s National Cyber Crime Unit data showing 68% of large UK businesses across sectors were subject to a cybersecurity attack or breach in the past 12 months.

It’s a mounting problem, and the financial services industry needs to fight back. We’ve picked out the four key ways of countering the continuing threat to banks’ cybersecurity – and it’s a case of fighting cyber with cyber.

 

  1. Artificial intelligence

As in retail and manufacturing, for example, artificial intelligence (AI) and advanced analytics will play a key role in banking moving forwards.

And the financial services industry is looking to this technology to play a major part in the prevention of cyber attacks, reducing conduct risk and improving monitoring to prevent financial crime.  Mitigating such external and internal threats is critical to both business continuity and limiting operating losses, and so AI shouldn’t be overlooked as a key tool in reaching this goal.

 

  2. Electronic identification

In order to meet the regulatory technical standards, which will be enforced in September 2019 as part of the European Union’s PSD2 payments legislation, the number of transactions requiring two-factor authentication will rise in the coming months.

What has been deemed by the industry as “Strong Customer Authentication” will be required, and this should result in payments and account access relying on customers providing and using a combination of the following: something they know, like a password; something they have, like a phone or card; and something they are, such as a fingerprint.

More factors equals more security is the industry theory here.

 

  3. Biometrics

Which leads us neatly on to point three: biometrics. This push for two-factor authentication and new electronic identification will pave the way for more biometrics use.  With some of the largest players in card payments, including Mastercard, investing heavily in such solutions, we expect others to start to follow suit.

As Ajay Bhalla, President for global enterprise risk and security at Mastercard, puts it: “The use of passwords to authenticate someone is woefully outdated, with consumers forgetting them and retailers facing abandoned shopping baskets.

“In payments technology this is something we’re closing in on as we move from cash to card, password to thumbprint, and beyond to innovative technologies, such as AI.”

 

  4. Blockchain

According to the EY research report, 20-40% of financial service providers are investing in Blockchain now and are planning to increase investment, while approximately the same percentage are investing now but planning to reduce expenditure.

Either way, it shows that Blockchain is very much on the agenda for banks. The main attraction of Blockchain is that it creates an indelible audit trail which is distributed across multiple servers, so there’s no single weak link for cyber attackers to target. This provides banks with unparalleled transparency and increases trust.

Blockchain also has the potential to make a complex global financial system less complicated and reduce the number of middlemen involved in the transferring of money.

 

So, that’s the technology on offer, but what are the next steps?

Unless banks collaborate more with their peers, or improve their use of the wider ecosystem, the required investment in advanced technologies to address issues of growing cybercrime will be substantial and could strain their ability to improve financial performance and grow their businesses.

And, as bank leadership teams focus on investing in the relevant people and technology – and it is the combination of both that’s crucial here – to enhance cybersecurity, they may struggle to find the right skill sets or the right methods for integrating cyber experts into their organisations.

Raising their knowledge of the technology available to help stem the tidal wave of cyber threats is a key requirement for banks, if they don’t want to end up washed up on the shore as a result of their defences being breached.

 

 

Following an internal review, SEC Chairman Jay Clayton revealed that the organisation had been the victim of “Malicious attacks”. The revelation came in a 4,000-word statement released on Wednesday and caused concerns among those on the trading floor.

The Securities and Exchange Commission is responsible for handling almost 1.7 million financial market disclosure documents a year through its EDGAR system, which was revealed as the source of the leak. The admission will be a source of embarrassment for the SEC, whose mission statement is to ‘protect investors’. Clayton’s statement confirmed that the leak was discovered and subsequently fixed in 2016. However, last month they discovered that the breach may have resulted in people being able to use the data acquired in the hack to illegally make profits on the stock market.

In addition to the cyber hack, Clayton’s statement also confirmed that private e-mails had been used to transmit confidential data and that a number of SEC laptops that may contain confidential data are missing.

Wall Street has been suitably dismayed by the leak, given the potential risks that have been thrust upon it by the very organisation that is tasked with policing trades. However, the cyber breach will not come as a surprise to many within the government who have previously raised concerns about the SEC’s security systems, including the Department of Homeland Security, which reportedly discovered five “critical” weaknesses in their system as recently as the start of 2017.

The US markets are already on edge, following the recent Equifax data breach which resulted in the leak of 143 million consumer records and is the subject of increased scrutiny and at least one Federal investigation.

In a bid to restore faith in the institution, Clayton has given his assurances that the SEC is taking cyber security seriously; he stated that: "The Commission will continue to prioritize its efforts to promote effective cybersecurity practices within the Commission itself and with respect to the markets and market participants it oversees," and that all steps are being taken to ensure there is not a repeat of a leak.

The move is a further indication that large financial companies and institutions are under increasing threat from cyber hacks. The SEC statement did not specify who was behind the breach, but recently countries such as Russia and North Korea have been linked to several high-profile hacks on large organisations.

Clayton and the SEC will need to ensure that they do not fall victim again if the SEC is to rebuild its significantly damaged reputation on Wall Street.

Written by Nick Pointon, Head of M&A at SQS

 

In June 2015, US security regulators investigated a group of hackers, known as FIN4. The group were suspected of breaking into corporate email accounts of 100 listed companies and stealing information in relation to mergers[1] for financial gain. Hackers are always on the lookout for opportunities to exploit vulnerable IT systems during mergers or acquisitions.

Starwood Group, an American hotel and leisure company, was the victim of a data breach in 2015 caused by malware-infected point-of-sale terminals, shortly after the acquisition by Marriott Corporation had been announced. As a result of the breach, hackers gained access to customer names, payment card numbers, security codes, and expiration dates. It was later questioned whether IT systems were appropriately assessed before the acquisition was made public knowledge.

There is so much going on in the process of an acquisition or a business merger that IT systems are often neglected. This creates vulnerabilities, potentially exposing sensitive information which cyber criminals can exploit. IT teams must focus their attention on ensuring the security of existing systems before a company even considers undergoing an acquisition or merger.

 

Pre-acquisition technical due diligence

Technical due diligence refers to the period during which IT systems are inspected, reviewed and assessed for areas of vulnerability that need to be addressed. Organisations looking to be acquired or to merge should begin a process of technical due diligence internally before seeking interested parties. By carrying out such an internal technical due diligence, the company being acquired can be satisfied its systems are robust, secure and fit for purpose, and that the acquirer’s due diligence will not expose any issues that may jeopardise the deal.

In addition to the security vulnerabilities, many organisations carry open-source licensing risks.  Open-source modules or snippets of code are commonly incorporated by developers into software to aid rapid development.  Although this open-source code is freely downloadable, it is normally subject to an open-source licence, and this licence places restrictions and obligations on what can be done with this code. Companies often have no idea what open-source code is used in their systems and any breach of licensing restrictions can be costly to fix and endanger the deal. So the internal technical due diligence should include an assessment of open-source licensing risk, allowing the company to resolve any problems in advance.

By conducting thorough technical due diligence before embarking on the process of an acquisition, organisations will have a greater appeal to interested parties and can ensure the deal will proceed smoothly. Those looking to acquire will have a clearer understanding of the technical assets for sale, with the added reassurance there won’t be any unpleasant surprises.

Yahoo recently felt the ramifications of neglecting IT systems in anticipation of the Verizon acquisition, after it was revealed earlier this year that 500 million customer email accounts were hacked. This now has the potential to affect the final deal - Verizon have issued a statement stating that the company is looking to alter the terms of the deal, as it felt Yahoo wasn’t completely transparent about the breach. This is a prime example of technical due diligence that hasn’t been thoroughly conducted and proves issues unearthed during the closing stages of an acquisition have the potential to affect the final sale price.

 

Pre-implementation hurdles

Once an acquisition has been agreed in principle, senior stakeholders must then address which systems are being continued and which should be decommissioned. A skilled project manager must be chosen to manage and monitor the implementation of the systems, ensuring decisions impacting the seamless integration of the acquisition are made on time.

Companies often underestimate the amount of work that goes into managing the process of an acquisition. This can result in the appointment of a project manager without the necessary skills needed to efficiently run the entire process. All too often it is assumed acquisitions only affect the financial and legal teams, when in reality it affects every department. An individual is needed with the skills to communicate across all departments and at all levels.

 

Post-acquisition finishing touches

The sale is agreed and personnel have merged, but it doesn’t stop there. Post-acquisition integration is a separate project in its own right and requires close engagement from senior stakeholders. Merging IT systems across companies can affect the smooth running of daily operations, exposing flaws in acquired systems likely to cause system downtime. By bringing third-party experts on-board, companies facing both pre- and post-acquisition challenges can be kept safe in the knowledge that IT systems are maintained and sensitive data is kept safe.

No matter how big or small the company or the number of employees, acquisitions are always a major upheaval. In order to allow the organisation to continue to operate efficiently both during and after the deal, it is vital the entire integration is properly planned and effectively executed.  This planning starts during due diligence by carrying out a thorough assessment of the technology and systems.  And the process continues with the execution of the integration project, which requires a skilled project manager supported by engaged stakeholders and effective communication at all levels in the new organisation.

 

About Finance Monthly

Finance Monthly is a comprehensive website tailored for individuals seeking insights into the world of consumer finance and money management. It offers news, commentary, and in-depth analysis on topics crucial to personal financial management and decision-making. Whether you're interested in budgeting, investing, or understanding market trends, Finance Monthly provides valuable information to help you navigate the financial aspects of everyday life.
© 2024 Finance Monthly - All Rights Reserved.