Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Sunday, 5 February, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

In the New “Wild West” Even “Small” Cryptocurrency Theft is Costing Billions

by The Gurus
June 13, 2018
in This Week's Gurus
Share on FacebookShare on Twitter

Written by Rick McElroy, Security Strategist at Carbon Black

Over the weekend, another cryptocurrency exchange was breached. This time it was “only” $40 million” in cryptocurrency. However, as a result cryptocurrencies overall lost more than $40 billion in value following the attack. That’s not a typo – a $40 million heist cost the market more than $40 billion dollars. Such is the nature of the new Wild West, where cryptocurrency is front and centre in the cyber game and hackers can manipulate entire markets with a few clicks of a mouse.

If crypto mining, ICOs, cryptojacking and ransomware all represent the electronic “gold rush,” then this current wave of cyber crime represents the electronic equivalent of yesterday’s stick ups, bank, stagecoach and train robberies.

While cryptocurrencies are “new,” criminals have perennially remained motivated by one thing – money. If you were a cyber criminal why wouldn’t you? The chances of actually getting caught are minimal, at best. There is no modern day equivalent of the Pinkertons to safeguard your cryptocurrency through the desert while riding shotgun on a stagecoach. The entire supply chain of cryptocurrency is immature and ripe for attacks.

It’s not surprising that Carbon Black’s recent cryptocurrency report highlighted that cryptocurrency exchanges are the most vulnerable target for cybercriminals, with 27% of attacks targeting exchanges directly. Regulation is often country specific and, in most cases, no one is vetting the technology (or the people) who are running the exchanges, let alone their security programs and controls to protect themselves and their customers.

Some exchanges are better than others but would you trust your money to a bank with no safe? Or security guards? Or the FDIC? I highly doubt it. While cyber criminals target individuals, wallets, and systems to facilitate cryptotheft, most of the payoffs are small. Much like gangs of the American West, why rob each person when you can rob the train or stage coach carrying all of the town’s money? One attack can yield the worth of hundreds or thousands of others, so why not go after where all the money is, especially when the risk is low?

“I rob banks because that’s where the money is,” – Bank Robber Willie Sutton

In regards to cryptocurrency and markets, there is a bigger conversation to be had. Cyber criminals rob banks because that’s where the money is. They are motivated by the pay off. There is nothing really new about that. However, when it comes to the new Wild West, it becomes entirely possible to monetise on attack a number of different ways.

Monetisation 1. Breach the exchange and abscond with as much cryptocurrency as possible

Monetisation 2. Coordinate a short on one of the various cryptocurrencies knowing the volatility of the market will yield a big drop in the current price after an attack is successful.

Monetisation 3. Buy a bunch of now decreased-in-price coin and ride the recovery.

That’s three crimes and three ways to make money for the cost of one single attack.

We expect to see cryptocurrency theft and illicit mining activity expand in the mid-to-long term as security mechanisms and user awareness slowly catch up to this evolving threat. These cryptocurrencies represent an alternative and lucrative funding stream, which is especially true for criminals, as well as nation-states desperately seeking to subvert sanctions. These will continue to fund future attacks. TTPs will evolve and adapt quickly, along with the dark web marketplaces that fuel the illicit economy, which is worth millions.

If attackers are simply “following the money,” in this new Wild West, defenders should be evolving accordingly. Follow the money.

FacebookTweetLinkedIn
ShareTweetShare
Previous Post

UK! watchdog! slaps! Yahoo! with! £250k! fine! for! 2014! data! breach!

Next Post

Executives Say Efficiency and Security Outranks Customer Experience as the Driving Force Behind Digital Transformation

Recent News

london-skyline-canary-wharf

Ransomware attack halts London trading

February 3, 2023
Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

February 2, 2023
JD Sports admits data breach

JD Sports admits data breach

January 31, 2023
Acronis seals cyber protection partnership with Fulham FC

Acronis seals cyber protection partnership with Fulham FC

January 30, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information