By Chuck Brooks
Last week it was disclosed that almost 4,700 bitcoins crypto currency valued at $64m were stolen by hackers who broke into Slovenian-based bitcoin mining marketplace called NiceHash. The NiceHash marketplace matches people looking to sell processing time on their computers for so called miners to verify bitcoin users’ transactions in exchange for the bitcoin. From the forensic incident analysis it appears to be a breach exploited by sophisticated hackers.
This is not the first time that bitcoin has been targeted. Recently, around $30 million worth Ethereum cryptocurrency was stolen by hackers through a cyber-attack. And In 2014, hackers stole about $350 million in bitcoins from Tokyo’s’ Mt. Gox Exchange.
Bitcoin is the first, and the largest of cryptocurrencies, 21 million of them were released in 2009. The common definition of bitcoin is that is a type of digital currency in which encryption techniques are used to regulate the generation of units of currency and verify the transfer of funds, operating independently of a central bank. Functionally, it is a decentralized tradable digital asset that recorded publically by a Block Chain ledger.
The reason why bitcoin and other cryptocurrencies have become opportune for hackers is that they are stored in digital wallets rather than banks. These wallets are basically an ecosystem of easy targets because they do not have the levels of or layers of cybersecurity protections necessary to protect the owners of the currencies. The value of the cryptocurrencies have skyrocketed (one bitcoin was recently valued of $15,000) making it financial rewarding to steal for professional cyber threat actors
In addition, to the theft value, cryptocurrencies are also being used by hackers as payments of choice for ransomware extortion. Hackers and criminals (especially money launders) like to use it because it is difficult to trace a payment transaction. Paying ransomware in crypto currencies seems to be a growing trend. The recent WannaCry and the Petya ransomware attackers demanded payment in bitcoin. In June, a ransomware attack on a South Korean web hosting firm called Nayana required a bitcoin payment of $1 million to attackers to gain back control of their servers.
It is not just theft or ransomware that puts those connected to the internet at risk. A scary scenario is that even if you do not own or trade bitcoin or other crypto currencies, you still can be a victim. Hackers need computing power to find and “mine” for coins and can hijack your computer processor while you are online. Hackers place algorithm scripts on popular websites that people innocently visit. You might not even know you are being hijacked.
How do you protect yourself? One clue for detection is to monitor if your computer is running slower. Also implement regular computer scans, keep your security software and patches up to date, and clear your browser cache often. In practicing cybersecurity, it is prudent to be vigilant because everyone is vulnerable.
Cryptocurrencies are in an early stage of development but it is estimated by The World Economic Forum that they will comprise 10 percent of global GDP by 2027. This is certainly significant (and challenging) for the global financial system as they are outside of the Central banks and regulation. Whether or not you are personally involved in trading cryptocurrencies, most of us are connected to the digital world where they dwell. It is essential that strong processes and technologies be a consideration for anyone wanting to be cyber secure from the evolving world of cryptocurrencies.
Chuck Brooks is a featured columnist for High Performance Counsel. He is President of Brooks Consulting International. In both 2017 and 2016, he was named “Cybersecurity Marketer of the Year by the Cybersecurity Excellence Awards. LinkedIn named Chuck as one of “The Top 5 Tech People to Follow on LinkedIn” out of their 500 million members. He is also an advisor to LinkedIn on cybersecurity and emerging technology issues. He has published more than 100 articles and blogs on cybersecurity and technology issues. Chuck’s professional industry affiliations include being the Chairman of CompTIA’s New and Emerging Technology Committee, and as a member of The AFCEA Cybersecurity Committee. In government, Chuck has served at The Department of Homeland Security (DHS) as the first Legislative Director of The Science & Technology Directorate at the Department of Homeland Security. He served as a top Advisor to the late Senator Arlen Specter on Capitol Hill covering security and technology issues on Capitol Hill. In academia, Chuck was an Adjunct Faculty Member at Johns Hopkins University where he taught a graduate course on homeland security for two years. He has an MA in International relations from the University of Chicago, a BA in Political Science from DePauw University, and a Certificate in International Law from The Hague Academy of International Law.
Chuck can be reached on LinkedIn: https://www.linkedin.com/in/chuckbrooks/
Or on Twitter: @ChuckDBrooks