Cryptocurrencies, Cyber Security and the Cloud
Why do hackers love cryptocurrencies and why is the cloud a target?
The market capitalization of various digital currencies has soared to nearly USD $13 billion. From Elon Musk to every tech pundit with a Twitter account, everyone seems to be talking about cryptocurrencies. Many believe it to be a democratic wave of the future, whereas others are convinced it’s bound to fail in the near future.
The excitement is understandable. More than 40 million people all over the globe now regularly use some type of cryptocurrency in their transactions. As cryptocurrencies (slowly, but surely) establish themselves as a valid currency in the wider public mindset, more and more people are waking up to the fact that the technology essentially does away with intermediaries like traditional financial and regulatory institutions and enables instant transfer of funds without interference from either.
Thanks to the magic of cryptography, the transactions are fully secure – even when not backed by guarantees from sovereign authorities – and are completely decentralized and independent of central banks. The popularity of cryptocurrencies has been such that many nations are now lining up to launch their own currencies with China leading the charge.
Despite all the hubbub, though, most regulators and governments are still grappling with the financial, business, and legal structures needed to govern cryptocurrencies. Cybercriminals are flourishing in the gap this leaves. Each day, $9 million worth of cryptocurrencies is lost in scams. In fact, the malware required to steal cryptocurrencies has become so commonplace that it can cost as little as $1.04 on the dark web.
Targeting the cloud for crypto infrastructure – mining for crypto on hacked servers
A Department of Homeland Security sponsored study found that about 33 percent of bitcoin trading platforms have been hacked. More worrisome is the trend that cryptocurrencies have now become the predominantly preferred form of exchange in the case of ransomware attacks.
Cyber attacks on cloud systems jumped a staggering 250% from 2019 to 2020. Aqua Security’s 2020 Cloud-Native Threat Report, which analyzed 16,371 attacks that occurred between June 2019 and July 2020 using honeypot servers, showed that most attacks aimed to use the cloud for deploying crypto-mining malware rather than for corporate espionage or other types of cybercrime, such as DDoS attacks, as is widely believed.
How hackers are improving their techniques
The switch in criminal intent shows a fairly solid move towards organized cybercrime that plays the long game through investment in infrastructure. Unsurprisingly, this is accompanied by a concomitant rise in the complexity of attacks. Aqua reports that methods of attack have diversified and malware has grown more complex. These methods have included everything from employing AI and ML in malware and probing networks for months at a time to detect vulnerabilities, to scouring the Internet for cloud servers with weak passwords or none at all. To top it all, hackers are starting to concentrate on supply chain attacks, piggybacking on the vulnerabilities of third parties as an entryway to large-scale public or private enterprises, mainly companies that own or manage cloud infrastructure.
In supply chain attacks in particular, hackers are planting malware in containers or server images that are then uploaded to public registries. This malware typically contains multi-stage payloads (often with 64-bit encoding) and can remain dormant for extended periods of time, then spring into action the moment the container/image is deployed. Needless to say, traditional methods of detecting malware, such as signature-based security systems, are fairly useless in such scenarios.
Why are cryptocurrencies such an alluring target for hackers?
Hackers seem particularly fond of money laundering schemes, ransomware, and duping businesses in any way possible to get their hands on cryptocurrency assets. The allure of cryptocurrency really lies in the fact that, as crypto is decentralized, there is no ‘tracking’ involved by a central agency. So no one really monitors the exchanges or crypto activities on the whole. And since lawmakers are barely keeping up with the technology behind cryptocurrencies, there are hardly any regulations involved.
Cryptocurrency cybersecurity risks for your business
If your business deals with cryptocurrencies on a regular basis, you already present a lucrative target for attackers. After all, they have the cover of anonymity on their side to trade cryptocurrencies without the slightest chance of being tracked. If you happen to be a frequent exchange user, a trader of currencies, or just happen to allow transactions in cryptocurrencies in your business, pay close attention to the following kinds of risk vectors:
The most common form of attack is also one of the simplest to perpetrate. Cryptocurrency phishing campaigns are generally aimed at trading platforms to steal user credentials either for profit or ransom. IT Support Vancouver could be a good resource to learn more about phishing attacks.
- Hacked trading platforms
Compromising the integrity of trading platforms can be hugely profitable for hackers as they can steal from all the users.
- Compromised registration forms
Similar to credential theft, hackers gain access to user credentials and sell them on the black market for a neat margin.
- Third-party applications
Here, hackers try to gain entry into your business systems by piggybacking on third-party applications. The target is generally to steal your stored user information and use it to fuel further attacks.
In this type of attack, hackers use malware to enter the mining machines and steal the computing resources of the infected computer. As an add-on, this type of attack can also be used for general cryptocurrency theft from online wallets.
As is applicable for all kinds of cyber attacks, the only way to protect your business from such attacks is to put highly effective security policies and protocols in place across your enterprise network, and to extend them to third-party suppliers. If your defenses are strong enough, most attackers can be discouraged from trying further without jeopardizing their operations. While this may be a polarizing topic for many, regulating and monitoring cryptocurrencies can also add a much-needed layer of protection around transactions. For comprehensive managed security solutions, consider reaching out to a Managed IT Services provider.
About the Author
Sam Goh is the President at ActiveCo Technology Management, a Managed IT Services Vancouver company. Sam comes from an operational perspective; his tenure at ActiveCo emphasizes working with customers to closely understand their business plans and to successfully incorporate the technology component into those plans. Under his leadership, ActiveCo has developed expertise that focuses on enriching extensive customer relationships by integrating strategic and operational focus areas through consulting. When Sam and his wife Candee aren’t running ActiveCo, they enjoy road trips with their 2 children. Faith, family, friends, and philanthropy lie at the heart of Sam’s personal beliefs.