CyberSecurity and Digital Currencies

Introduction

Typically, digital currencies are private monetary values that exist only in ledgers. That is, a digital currency—offered and administered by a private organization—is bypassing the conventional banking system and governmental currencies, allowing monetary worth to change ownership for the purchase of goods and services.

Because these currencies have no physical aspect to protect, their protection and integrity is safeguarded by heavy cryptographic means, and for that, they are referred to as cryptocurrencies.

Parallel to the soft cryptocurrencies, that is currencies that exist only in database-ledgers, also exist hard cryptocurrencies, that is, currencies that have a physical representation.

Examples of such currencies are the Peercoin. While the most well-known cryptocurrency is the Bitcoin with its Marketplace, there are numerous other such currencies publicly or privately available. The use of cryptocurrencies allows anonymity in the transaction, thus offering privacy over the performed transaction.

The Blockchain Concept

Physical monetary units, such as paper money, are numbered to indicate their uniqueness and are made relatively difficult to duplicate.

Similarly, metal monetary units, such as gold and silver coins, have their own intrinsic value, and their duplication is impractical.

On the other hand, the digital currency units are traced through their use, as they are being utilized, changing owners in the process. This tracing is being implemented via a highly secure open ledger— a database—that records all transactions digital currency units go through. Each transaction is referred to as a block, and the ledger keeps track of each and every transaction that takes place within a particular cryptocurrency system.

Each transaction, that is each use of the digital money, has a timestamp and a link as to where that digital money came from. Cryptocurrency management organizations claim that “By design, blockchains are inherently resistant to modification of the data”*. Because the blocks are linked to each other—they are chained—the concept is called blockchain.

In a general sense, the concept of creating a blockchain, that is the recording of a sequence of events permanently stored in a database, is applicable to many areas, including the medical  field and the military one.

Cryptocurrencies

There are numerous organizations that issue cryptocurrencies. It is believed that they are over seven hundred digital currency issuing organizations. OneCoin claims that “Regulatory challenges related to cryptocurrencies are mainly linked to the anonymity of transactions and the decentralization of financial dealings.”

Monero claims that it “… is a secure, private, untraceable currency.” Many such organizations employ external auditing supervision in order to establish a reputation on maintaining integrity and above all privacy. Authorities are primarily concerned over two main issues regarding the cryptocurrency industry, if we may call it that way.

The first is that the possibility that criminal/illegal activities are concealed behind the anonymous transactions. It is believed that  cryptocurrencies “… have been quite a debatable vehicle for payments due to the poor regulations and high attractiveness for international criminal activities.” The US Federal Bureau of Investigation is very concerned over the use of cryptocurrencies for criminal-illegal activities, having made many arrests on such crimes.

The second concerns cryptocurrency integrity, whereby the minting of the respective currency corresponds to the available conventional monetary assets. If unregulated, cryptocurrencies may become insolvent, unable to convert crypto money to conventional money— dollars, euros, etc. Addressing such possibilities, insurance companies offer coverage over cryptocurrency losses due to cybercrime, such as theft, hacking, or insolvency.

There are numerous cryptocurrencies, and new ones pop up continuously. The most visible to the public are the following:

Bitcoin

Bitcoin is the most well-known of the cryptocurrencies. According to the Bitcoin organization “… the supply of Bitcoin is mathematically limited to twenty-one million bitcoins and that can never be changed” and the Bitcoin network is unstoppable and uncensorable. The last statement concerns crime prevention agencies, worldwide, while it is a clear invitation for illegal activities.

This statement is not unique to Bitcoin but applies to all digital currencies that maintain uncensorable accounts. A law firm specializing in cyber matters states: “This digital currency (the Bitcoin) that is processed via the Internet is not subject to oversight by a central issuing authority.”

Cryptocurrencies might not be subject to oversight by a central issuing authority, and also be uncensorable, but there is a US law in the books, covered in Chapter Nine, the Communications Assistance for Law Enforcement Act of 1994, that obliges telecom companies “… pursuant to a court order or other lawful authorization, to intercept all of the subscriber’s wire and electronic communications….” It is hard to believe that cryptocurrencies are above this law.

Cryptocurrency Wallet

In the cryptocurrency context, the wallet is an account that is anonymously maintained by the cryptocurrency issuing organization, or by a third party. Such accounts may be uni-currency or multi-currency. Using the wallet, one can make direct person-to-person transactions, pay invoices, request or send payments by email.

The cryptocurrency wallet may also be a hardware device that holds the cryptocurrency account password. Such device interfaces via a USB connection, and it may hold passwords for other accesses as well.

Cybercrime in the Cryptocurrencies Domain

Undoubtedly, the use of digital currencies provides privacy and anonymity not offered by the conventional funds transferring institutions. However, this privacy, and especially the offered anonymity, has made cryptocurrencies crypto criminals’ heaven.

One type of cybercrimes that is being harbored by the anonymity of cryptocurrencies is the cyber extortion—the demand for ransom— for the prevention of future attacks, or for the restoration of already- locked data.

Ransomware, as it is named in cyberspace, is illegal software self-installing in Web-connected computers with the ability to encrypt, or to delete, directories or files that can be decrypted only through a password, or through a remote deactivation by the cybercriminals.

Such type of software is available for purchase in the Dark Web, a term referring to the websites that deal in illegal activities, and it is not listed in the search engines. As for the mode of payment, cryptocurrencies are being used, thus, concealing both the seller and the buyer. According to the FBI, “… earlier ransomware scams involved having victims pay ransom with pre-paid cards, victims are now increasingly asked to pay with Bitcoin,…”*

Through ransomware, criminals access PCs with the ability to view the directories and to selectively damage, delete or encrypt files, or even change passwords. Often, such malware is installed and the ransom is demanded not activating it. However, there are ransomware scanning and ransomware removal tools that can provide defense in many ransomware cases.

Should one fall victim of such cyber extortion, always notify the cognizant authorities, who may possibly remove the criminal’s lock over the data of the attacked PC. Either way, one should always record at least the cryptocurrency account number where the ransom is to be paid, for subsequent investigation by the cognizant authorities.

Besides anti-virus software that examines all access attempts to a PC and rejects the illegal ones, there is a practice that can make ransomware less harmful. This is, backing up all files in write-only storage, that is, accessing only if disconnected from the Web.

Purchasing Cryptocurrencies

Cryptocurrencies are treated as commodities that are bought and sold in a variety of ways. Similar to the stock exchanges, there are cryptocurrency exchanges where one may trade units of cryptocurrencies for other cryptocurrencies or for traditional currencies, dollars, euros, etc.

One may buy cryptocurrencies using one’s own bank account, credit cards, ATMs, or using PayPal. However, such purchases are not totally anonymous, since such accounts have the customers’ identity.

Of course, one may purchase cryptocurrency from the wallet of an already cryptocurrency holder. Either way, while the identity of the cryptocurrency purchaser might be traceable, the use of the cryptocurrency is claimed to be untraceable.

About CyberSecurityMag

Founded in 2018, CyberSecurityMag is an award-winning online publication for small business owners, entrepreneurs and the people who are interested in cyber security. It is one of the most popular independent small business publications on the web.

Leave a Reply

Your email address will not be published. Required fields are marked *