While attacks are more prevalent against Microsoft Windows, threats against Android devices are increasing as well
It’s been easy for most people – even IT security teams – to avoid thinking about the security risks of cryptocurrency. Even as the price of bitcoin, ethereum and many of the “alt coins” comprising the cryptocurrency market skyrocketed towards the end of 2017, any security risks only affected the people holding cryptocurrency.
That is, until companies began to discover their servers — and even mobile devices — were being used by cyber thieves to mine cryptocurrency. Now, suddenly, cryptocurrency is bleeding into the world of corporate security teams in new and very real ways.
The way cryptocurrency affects consumer and corporate security is an evolving conversation that started several years ago. Here’s a look at why it’s more important now than ever.
Bitcoin Born: Underground Usage Grows
In many ways, cryptocurrency was a product of the 2008 banking crisis, conceptualized as a peer-to-peer value exchange system that could make people less reliant on banks. However, its anonymous nature meant that bitcoin was quickly adopted as a currency for criminals on the dark web. Cybercriminals began using bitcoin to send and receive payments for digital dossiers and credit card information, exploit kits and the many other cybercrime products and services available in the underground market.
Many security teams and consumers alike had their first introduction to cryptocurrency when ransomware began to run rampant in 2016. Often, victims were asked to pay their ransom in bitcoin, as this was largely untraceable by authorities and cut out much of the typical money laundering work.
In 2017, SonicWall researchers analyzed bitcoin data to find that transactions via ransomware-related wallet addresses dropped. This may partly be due to improved security efforts thwarting ransomware, and partly due to other cybercrime developments we’ll discuss in a moment.
Normal People Get Involved: Cryptocurrency Wallets Targets for Cybercriminals
Before money began flowing into cryptocurrency, cybercriminals took the opportunity to attack several cryptocurrency exchanges. Many of the more famous exchange attacks predate 2017, including the Mt. Gox attack, in which users lost around USD 400 million and the DAO theft of about USD 50 million. Cybercriminals can’t resist a hot market, so exchange attacks have become a staple of the cryptocurrency world. The largest successful attack happened in January 2018 when users of the Japanese cryptocurrency exchange Coincheck lost USD 530 million, according to officials.
The problem with losing money in a cryptocurrency exchange hack is that there is little or no recourse for the individual user. Cryptocurrency is anonymous and largely unregulated. Money in the cryptocurrency market is not insured in the way a bank account is, so when attackers walk away with millions, that’s usually the end of the story.
However, in 2017, law enforcement arrested Russian Alexander Vinnik on more than 21 charges of money laundering, fraud and other financial crimes. He is believed to be responsible in some way for the Mt. Gox theft, since 530,000 of the bitcoin stolen in that attack ended up passing through wallets he controlled or was associated with. Of course, that’s little comfort for Mt. Gox victims, who will remain unable to recover their funds.
Risk Expands: The Rise of Mining Hacks
The price of cryptocurrencies may not be what it was in December, but it’s still a market with plenty of money to entice cybercriminals. In 2018, we expect to see a rise in attacks that quietly install cryptocurrency mining software on user devices and corporate servers.
This type of attack is only going to escalate this year, and we can expect mobile devices, desktops and corporate servers alike to be targets. Our recent analysis shows that, while such attacks are more prevalent against Microsoft Windows, threats against Android devices are increasing as well.
Focus on Reducing Your Risk
As with virtually any security risk, taking the right precautions can go a long way to keeping you safe.
If you hold cryptocurrency, don't leave large amounts on an exchange. Educate yourself on secure ways to store and transact with cryptocurrency, and do not take any risks you wouldn’t want a bank taking with your money.
Corporate IT teams and consumers alike need to be highly attuned to what's happening in their environments and ensure they’re leveraging a combination of automated security tools with advanced threat protection and human-led inspection processes to ensure they don’t become the victims of mining attacks.
If you haven’t begun to consider the threat of exchange and mining attacks in your personal or corporate IT security plan, the time has come to get serious about reducing cryptocurrency-related risks. The conversation around cryptocurrency will continue to evolve in the months to come, and if organizations don’t stay tuned in and active, they’re much more likely to become victims themselves.
The author is Vice President and General Manager, Asia-Pacific & Japan, SonicWall