Much like the year before it, when 2018 comes to a close, cryptocurrency will lead the list of disruptors that dominated our lives. However, while cryptocurrency in 2017 was viewed with excitement and cautious optimism as this unique investment opportunity went mainstream, 2018 may view cryptocurrency through a more critical lens.
The digital nature of cryptocurrency is what makes it so exciting, but it’s that digital nature that also makes it rife with risks, not just for exchange owners and investors but even people who couldn’t care less about Bitcoin and its ilk. The cryptocurrency industry has become a major target for cybercriminals, and as a result, so has virtually everyone on the internet.
Hackings of epic proportions
As the platforms where investors trade, buy or sell cryptocurrencies, cryptocurrency exchanges unsurprisingly represent the biggest target for attackers, which has led to headline-grabbing hackings that rob users of hundreds of millions of dollars. To say this is infuriating to users is an understatement. There is no word that covers the loss of hard-earned money, especially if that loss is permanent. Unlike currency stored in traditional banks, cryptocurrency is generally uninsured. Unless a cryptocurrency exchange can afford to make restitution, when cryptocurrency is stolen, it’s stolen.
The most staggering cryptocurrency hacks run into the hundreds of millions of dollars. One of the most recent attacks saw $534 million worth of the cryptocurrency NEM stolen. For some cryptocurrency exchanges, including Mt. Gox and YouBit, the repeated hackings that exchanges are routinely subjected to are too much to bear, and shuttering is the only option.
It isn’t just hackings that can undermine user loyalty and bring cryptocurrency exchange trading to a halt. Distributed denial of service (DDoS) attacks have been a scourge on the internet at large for over ten years, and it’s the most competitive and high-stakes industries that are routinely the most targeted. According to DDoS protection provider Incapsula, cryptocurrency vaulted onto the list of top 10 targeted industries in the third quarter of 2017, landing at number eight.
DDoS attacks take target websites or services offline with influxes of malicious traffic that overwhelm the network or server, keeping users from being able to use a desired service. With thousands of dollars lost or gained in a matter of minutes with cryptocurrency, DDoS attacks that keep investors from being able to make trades precisely when they want to can be devastating to investors and a death blow to an exchange. For exchanges willing to engage in sabotage, a DDoS attack is a relatively simple and cheap way to seriously hurt a competitor.
Not all exchange-aimed DDoS attacks are launched by competitors, however. Many DDoS attacks are not at all coincidentally timed to hit while a cryptocurrency is at a high value. Attackers will sell their currencies at the high value, then launch an attack. The uncertainty surrounding DDoS attacks often causes a cryptocurrency’s value to drop, which allows attackers to rebuy the currency at the lower value to maximize profits and repeat the process all over again.
As mentioned above, the people affected by the chaos surrounding the cryptocurrency industry extend far beyond those actively involved in the industry. This is because of a widespread and pervasive problem called botnets.
Botnets are networks of devices like laptops and tablets that have been infected with malware that allows cybercriminals to control them and use them for malicious purposes. One of the most notable uses of botnets is in DDoS attacks, as these networks of devices are what generate the huge amounts of traffic necessary for taking down a website. Devices are essentially enslaved without their owners’ knowledge to do things like, well, take cryptocurrency exchanges offline.
The nature of the cryptocurrency industry has created another use for botnets. Cryptocoin mining is the process of earning cryptocoins by using computing resources to solve complex math equations necessary for validating cryptocurrency transactions. The more computing resources a person can dedicate to cryptocoin mining, the more money they can make by earning transaction fees. Therein lies the malicious beauty of the botnet.
The process of infecting devices to use their computing resources to mine cryptocoins is called cryptojacking, and up until recently cryptojacking was known as a fairly simple technique, one that was therefore easy to protect against. With the RedisWannaMine attack, cryptojacking has gotten considerably more complex.
RedisWannaMine targets both application servers and database servers, and to increase its infection rate it uses the same National Security Agency-created EternalBlue exploit that made the WannaCry ransomware attack so successful. Hundreds of thousands of devices were infected in the WannaCry attack, and when you consider how many organizations and people have probably still not effectively patched against the EternalBlue exploit, RedisWannaMine likely has the potential to infect hundreds of thousands of devices as well, seriously degrading device performance for the owners while cybercriminals get rich.
For cryptocurrency to be viewed through rose-tinted glasses by the end of 2018, a great deal has to happen. Exchanges need far better security against hackings as well as professional DDoS mitigation with a near-instant time to mitigation: under 10 seconds. It may be time for this unregulated industry to start looking into insurance as well.
Stopping botnets from propagating falls to organizations and device end users. Web applications need to be patched, especially against old and infamous exploits, and a web application firewall is a good next step in guarding against emerging vulnerabilities. Databases should likewise be protected by a firewall rule that keeps database servers from being public-facing. Devices – even tablets and mobile phones – need to be protected by anti-malware measures to keep botnet builders and cryptojackers alike from being able to profit from someone else’s computing resources. Disruptors don’t need to be disruptive to everyday life, after all.
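One way to check the database advice above on a Linux host, as an added example that is not part of the original article: the script reads `ss -ltn` output and reports database listeners bound to anything other than loopback, which are the ones a firewall rule has to cover. The port list, the function names and the sample output are assumptions constructed for illustration.

```python
import ipaddress

# Assumed default ports for common database servers (adjust to your estate).
DB_PORTS = {6379: "Redis", 3306: "MySQL", 5432: "PostgreSQL", 27017: "MongoDB"}

# Constructed sample of `ss -ltn` output; not captured from a real host.
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      511    0.0.0.0:6379       0.0.0.0:*
LISTEN 0      128    127.0.0.1:5432     0.0.0.0:*
LISTEN 0      80     10.0.4.12:3306     0.0.0.0:*
LISTEN 0      128    [::]:27017         [::]:*
LISTEN 0      128    [::1]:6379         [::]:*
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
"""

def split_endpoint(endpoint):
    """Split 'addr:port' as printed by ss, handling [v6] and '*' forms."""
    host, _, port = endpoint.rpartition(":")
    host = host.strip("[]").split("%")[0]  # drop brackets and interface scope
    if host == "*":                        # ss prints '*' for any address
        host = "0.0.0.0"
    return host, int(port)

def classify(host):
    """Describe how widely a bind address is reachable."""
    addr = ipaddress.ip_address(host)
    if addr.is_loopback:
        return "loopback"
    if addr.is_unspecified:                # 0.0.0.0 or :: means every interface
        return "all-interfaces"
    return "private" if addr.is_private else "public"

def audit(ss_output):
    """Return (service, address, port, scope) for non-loopback DB listeners."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue                       # header or non-listening socket
        host, port = split_endpoint(fields[3])
        if port in DB_PORTS and classify(host) != "loopback":
            findings.append((DB_PORTS[port], host, port, classify(host)))
    return findings

if __name__ == "__main__":
    for service, host, port, scope in audit(SAMPLE_SS):
        print(f"{service} listening on {host}:{port} ({scope})")
```

Listeners reported as all-interfaces or public are reachable from any network the host is attached to unless a firewall blocks the port; private ones still warrant a check that only the application servers can reach them.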