Below: European lawmakers are finding out how many EU countries are using NSO spyware, and the FTC is investigating a crypto-hack.
What’s Behind a Cryptocurrency Theft Wilderness
In two incidents over the past week, hackers stole a total of nearly $200 million in cryptocurrency, racking up a record year of $2 billion in industry losses for thieves and scammers on the Internet.
The Treasury Department also sanctioned an anonymization service this week for its alleged role in laundering billions of cryptocurrency. The agency cited the hackers’ use of Tornado Cash to conceal proceeds from the largest known crypto hack to date, the $620 million heist in March.
So why are these expensive crypto hacks happening? There is no single answer, and there are many reasons to believe that they will continue to occur.
Answer #1: That’s where the money is
The first and shortest major answer may sound sarcastic. This is Willie Sutton’s answer to why he robbed banks: “That’s where the money is.”
The covid-19 pandemic has seen an increase in cyberattacks as well as the proliferation of cryptocurrency wallets, observed Brenda Sharton, Global President of the Privacy and Security Practice at Dechert Law Firm. These two phenomena go hand in hand, she told me.
One specific variety of cryptocurrency technology has proven a particularly ripe target — and increasingly so: cross-chain bridges.
- My colleague steven zeitchik explains: “A blockchain bridge allows consumers to exchange crypto from one blockchain to another – say, from bitcoin to ethereum – which makes it vulnerable to what security experts call ‘both sides’ weaknesses. of either blockchain.”
- Blockchain analytics firm Chainalysis estimated last week that such attacks accounted for 69% of funds stolen by hackers this year.
Answer #2: It’s a question of maturity and behavior in the industry
“Fintech is evolving very quickly” Adam Meyer, the senior vice president of intelligence at cybersecurity firm CrowdStrike told me. “It’s a lot of start-ups saying what they say about start-ups: ‘Go fast and break things.’ … Some of the stuff that’s out there is really, really new, and so they haven’t really thought about attack vectors.
The financial industry’s most established siblings of crypto start-ups, banks, are investing deeply in cybersecurity. Bank of America spends more than $1 billion a year on cyber defense, the company’s chief executive said last year. Over hundreds of years, banks have learned to prioritize security of all kinds, Scott Carlsonhead of blockchain and digital asset security at Kudelski Security, said.
Additionally, some cybersecurity firms are loath to get involved in the cryptocurrency industry, said Ryan Spanier, Carlson’s teammate at Kudelski Security. They might view crypto businesses as a fad, one that is difficult to adapt to existing protections, or as an area of the economy that is bad for the environment.
This is not 100% negative news. Several crypto exchanges that have suffered major hacks declined interviews or did not respond to requests for comment, but some directed me to long lists of security improvements they subsequently made.
Additionally, some technologies are emerging to protect cryptocurrency from theft, such as hardware wallets, and some older cybersecurity practices have spread into the community, such as bug bounty programs where ethical hackers help organizations to find their weaknesses.
Answer #3: Crypto is the Regulatory Wild West
These traditional financial services companies? They have federal agency overlords – be it the Securities and Exchange Commission (SEC) or the Financial Industry Regulatory Authority (FINRA) – that have made the industry one of the most tightly regulated in terms of cybersecurity. Crypto organizations don’t quite fall under existing regulatory territory, and some argue that’s why they get hacked.
“The reason in the first place is that crypto exchanges, unlike US financial firms, do not have to adhere to the rigorous cybersecurity standards and requirements put in place by the SEC, FINRA and banking regulations,” said an independent consultant. John Reed Stark said. “So you have no idea what kind of cybersecurity protections are in place in these entities.”
By their very nature, the blockchain community prefers to be “lightly regulated because they want to free themselves from what they perceive to be problems in the existing system,” Carlson said.
It’s a hot topic on Capitol Hill, where bipartisan legislation would define who is responsible for overseeing the crypto industry and direct agencies to develop cybersecurity rules for digital assets like cryptocurrency. Sens’s bipartisan bill. Kirsten Gillibrand (DN.Y.) and Cynthia M. Lummis (R-Wyo.) Would grant oversight to the Commodity Futures Trading Commission, as opposed to the SEC, which has taken a tough stance against crypto abuse.
But the focus on regulation is misplaced, Sharton said. The government can help better by putting crypto thieves in jail, she said. (In one particular case, a $500 Walmart gift card led law enforcement to the suspected culprits behind a massive hack in 2016.)
There are also an assortment of other possible explanations.
For years, analysts have tried to find out what is behind the spiral of crypto hacks. Other leads:
- It’s easier than other types of hacks.
- Targets have smaller cybersecurity teams.
- The theft of passwords and other key information is possible on a larger scale.
- Sometimes the causes of a theft vary from case to case, like a fake job offer, of all things.
What is certain is that crypto hacks are very expensive. Just last month, creditors at former cryptocurrency exchange Mt. Gox said they were on the verge of being paid off – following the fallout from a 2014 hack.
Many EU countries used tech from spyware firm NSO Group, lawmakers say
Law enforcement agencies in 12 of the 27 European Union member states are using NSO spyware, and ties with two other European countries have been cut, Ha’aretzreports Omer Benjakob. In total, NSO has 22 European customers, some of whom are from the same country, reports Benjakob.
The discovery of these figures by a committee of the European Parliament investigating the use of NSO and other spyware highlights the extent of the use of these tools on the continent. NSO’s Pegasus spyware has been used to hack journalists, activists and executives, according to an investigation by The Post and 16 media partners.
“If a single company has 14 Member States for its customers, you can imagine the overall size of the sector,” said a member of the committee. Sophie in ‘t Veld Haaretz said. “There seems to be a huge market for commercial spyware, and EU governments are very keen buyers. But they’re very quiet about it, keeping it out of public view.
FTC investigates cryptocurrency exchange hack
The Federal Trade Commission’s investigation into a December 2021 hack of cryptocurrency exchange BitMart represents the first known investigation into cryptocurrency markets by the regulator, Bloomberg Newsreports Leah Nylen. The FTC disclosed the investigation in an order rejecting an attempt by BitMart operators to block an FTC request for information, which operators Bachi.Tech and Spread Technologies said was too broad and involved information located at ‘foreign.
“The FTC had sent civil subpoenas in May to BitMart operators, asking for details about what the companies told consumers about the security of their crypto assets and how they handled customer complaints. The consumer protection agency – which has penalized dozens of companies from Wyndham Hotels & Resorts Inc. to Uber Technologies Inc. for lax IT practices – expects these details to help it determine whether the companies have engaged in unfair or deceptive business practices. The FTC is also investigating compliance with the Gramm-Leach-Bliley Act, which requires financial institutions to secure important data.
The FTC declined to comment on Bloomberg News. Lawyers representing BitMart operators did not respond to requests for comment from the outlet.
CISA Releases Guide for Election Workers to Address Digital Threats Ahead of Midterm Elections
The Cybersecurity and Infrastructure Security Agency’s new toolkit warns election workers of threats like phishing and ransomware, State Scoop“, reports Benjamin Freed. It comes from the agency’s Joint Cyber Defense Collaborative, an initiative that aims to strengthen the agency’s collaboration with the private sector.
“Much of the recent national discussion on election security has focused on the harassment of election workers, misinformation and disinformation, and insider threats at local election offices – all largely fueled by ongoing lies about the 2020 presidential election,” Freed wrote. “The cyber toolkit, CISA said, is intended to help improve technological resilience.”
Finnish parliament victim of cyberattack following US decision to admit country to NATO (The Hill)
Security firm uncovers flaws in Indian online insurance broker (Associated Press)
7-Eleven Denmark confirms ransomware attack behind store closures (Bleeping Computer)
‘Hack DHS’ bug bounty program to begin second phase with new contract request (NextGov)
Ex-CISA chief wants new cross-cutting agency to run federal cyber (FCW)
- National Cyber Director Chris Inglis and Director of CISA jen easter speak at the annual DEF CON hacking conference on Friday.
Thanks for reading. See you next week.