Bitcoin and other cryptocurrencies have become a routine part of today’s cyber attack landscape.
The press is awash with cryptocurrency. Reports on the all-time highs, the billionaires who jumped on the bandwagon early, and the news that the likes of Goldman’s are setting up trading desks to exploit the wave are rife.
And there are certainly hotspots in the world influenced by the relative stability of the currency. In some countries it’s seen as an economic saviour. A way to keep economies trading when there is a lack of cash and the potential for criminals to create black money and instigate corruption – places like India where people can queue for hours to get money from an ATM. It is an easy way to move money.
We’ve also seen government intervention cause an interest in bitcoin. China is a prime example. The Government has sought to keep currency and prevent “capital flight” from the country. Some say that a large percentage of the trade in Bitcoin is happening in Asian exchanges. According to research firm Rhodium Group, $762 billion exited China in the first 11 months of 2016. Rumours of China attempting to restrict Bitcoin caused a sudden sell-off in early January last year. Speculation is that the fall of the Yuan brought a sudden rise to Bitcoin.
And here we are today with personal finance reporters educating their readers on the virtues, while others, like Stephen Roach from Yale University, say the currency is toxic believing the vertical trajectory of its value, and all time high, will bring about a downfall.
The underworld is just as busy. Hacks and scams have hit the larger trading markets and things have escalated in recent days.
As leading bitcoin exchanges typically excel in service availability, some users have turned into full-time traders, as they have a platform to store and trade thousands of dollars of cryptocurrency in real time. This increased attention is creating profitable opportunities for cyber criminals – the most high profile case was of course the WannaCry campaign, which locked up computers around the world demanding bitcoin exchanges for a decryption key. And only last week, BitConnect announced it was under heavy fire from hackers just one of the reasons suggesting it would close its exchange. It’s spooked investors.
Several crypto-currency exchanges around the world have experienced outages related to either a flood of natural traffic due to market fluctuations and demand, or malicious traffic from denial-of-service attacks. In particular, last summer both Bitfinix and BTC-e announced that their networks were experiencing service degradation due to a denial-of-service attack. Coinbase reported experiencing issues with load times that resulted in users not being able to login or view the websites of the targeted exchanges.
We all know that system overloads need to be avoided so that traders’ real-time market interactions are not interrupted. When a trading platform goes down, users are unable to access their wallets and fear that Bitcoin’s value will fluctuate, resulting in the company suffering reputation damage.
However, recent hacks have caused the market to wobble more than usual. Some argue that the ‘slump’ that it’s prompted will be good for the currency and steady things.
Talk to CIOs of businesses trying to defend themselves from cyber attacks and they really don’t care about the market price of a Bitcoin. If there’s value in it, there’s value for a hacker and that’s become an urgent concern for anyone leading an IT organisation.
In fact, the percentage of companies reporting financially motivated cyber-attacks has doubled over the past two years, with 50% of companies experiencing a cyber-attack motivated by ransom in the past year, up 40% from the year before. A quarter of security execs think ransom will the greatest threat to their business this year.
It’s easy to see why. As the value of Bitcoin and other cryptocurrencies has appreciated, ransom attacks have provided an opportunity for hackers to cash out for lucrative gains months later – there is money to be made regardless of which side of the law you stand.
To begin with cryptocurrency was an ideal way to protect anonymity. Now, given the market hype, it’s providing criminals with the vital funds they need to continue their operations.
Ramping and manipulations to influence the BTC/USD exchange are only the beginning; a high bandwidth attack from a botnet could take the exchange down completely. Some of these services are dealing with hundreds of thousands of requests at a time and can even fail from a burst of legitimate traffic as a result of a change in value.
In addition, as the value and popularity of the currency rises, we should expect more ransomware and ransom denial of service (RDoS) campaigns, because, cryptocurrency is now the preferred currency for cyber criminals making illegal purchases on the Darknet. It’s also the currency of choice for extortionists.
As Bitcoin continues to rise in value, cyber criminals will continue to rely on cryptocurrencies as a means for payment. The wallets and exchanges that house the currency will also be targeted at a persistent rate. Bitcoin exchanges might experience denial-of-service attacks by hacktivists seeking to compromise or seize accounts.
Big brands will succumb too – in the past, hacktivists groups such as Anonymous launched denial-of-service attacks against PayPal after refusing to process payment for WikiLeaks.
All the studies that look back on 2017 tell you that criminals used various ransom exploits and hacks to encrypt vital systems, steal intellectual property, and shut down business operations.
Between service disruptions, outages, or intellectual property theft, hackers are leaving businesses reeling, searching for solutions after a hack occurs.
Forensics tells you that hackers and their methods are becoming increasingly automated. The age of Artificial Intelligence (AI) and machine learning is now.
Many say it will transform cyber security, which probably explains why one-fifth of companies already rely on machine learning and artificial intelligence and a quarter plan to integrate it in to security plans the next 12 months. It’s a sensible move to include the latest developments and should be encouraged.
However, there is some scepticism. Europe is falling behind the US and Asia Pacific in the adoption of security methods using artificial intelligence.
It may seem surprising, but I think there is good reason for it. AI is highly effective when it comes to managing very complex situations where theoretical modeling is virtually impossible – if you need to predict how a person will respond for example. It’s also useful when your budget or resource is restricted.
But there’s no getting away from the fact that positive security models are still the best way to protect from cyber attacks, especially where there is zero margin for error. Plus AI is no substitute for the skills needed to investigate attacks and develop a strategy.
Security professionals need the technology to find the data that will tell them a story. The human brain can’t process millions of pieces of information but nor can AI systems come to conclusions about how strategy should change based on the data, and what security steps the business should take. The two must meet in the middle.
I’d argue that Europe is more advanced in its thinking and waiting until AI has evolved. Closing the skills gap is a more urgent need. As demonstrated by the upturn in companies employing hackers to help design their security – a third of companies are now taking on hackers as they understand the mind of a hacker and know where to look for the next attack type, and the virtually co-ordinated global attacks fashioned by groups like Anonymous.
Bitcoin is now a routine part of the cyber attack landscape. If companies are to succeed is staying secure they have to take that as a given and build skilled teams, supported by real-time detection, mitigation and defence. AI will be a part of this puzzle but it can’t be relied upon. Not just yet.
Soon AI will be everywhere and companies have to prepare for this future, but they shouldn’t lose sight of the present dangers and the risks that comes from adopting too early.