​Bitcoin owners and currency exchanges emerging targets for criminals: FireEye

The security firm's Asia Pacific CTO has warned against assuming cryptocurrency is secure or is safe from extortion if stored in a digital wallet.
Written by Asha Barbaschow, Contributor

Extortion is the biggest business at the moment on the internet, and most of the extortion conducted against businesses is demanding ransom be paid via cryptocurrency.

According to Bryce Boland, chief technology officer for FireEye in the Asia Pacific region, many victims are purchasing cryptocurrency to pay the criminals; but a rush in new entrants into cryptocurrency ownership is also thanks to the surge in value of Bitcoin.

Boland told ZDNet this is resulting in many businesses and individuals left vulnerable, and cryptocurrency exchanges sitting targets.

"We have been seeing a huge amount of extortion against businesses, and most of those extortions are using cryptocurrencies for the payment -- mostly it's Bitcoin -- and so many of our customers are having to deal with coin security issues, or have to acquire Bitcoin to potentially pay criminals," he explained.

"At the same time, we've seen exponential growth in the valuations of some of these currencies over the last year and that has created a sense among some people that they need to pile in to cryptocurrencies."

However, as those that adopted cryptocurrencies in the early days spent a lot of time understanding how they work and how to make them secure, Boland said that is not the case with the vast number of people who are buying them on speculation.

"They aren't aware of the threats and they aren't aware of how easily these digital tokens can be stolen -- that creates huge opportunity for criminals," he said.

Bitcoin has been used by criminals for years as a way of avoiding physical money movement, with the transfer of digital tokens resulting in them being less likely to be caught.

See also: The risky business of bitcoin: High-profile cryptocurrency catastrophes of 2017

Having studied cryptography, Boland said the wonderful thing about cryptography is that it can solve any problem perfectly, providing it is a mathematical one.

"It doesn't solve human problems terribly well and that's the challenge; the attackers are human and they're attacking humans," he explained. "Even if you think you've got a really strong password and you only use that computer for accessing cryptocurrencies and cryptocurrency sites, you can still be the target of an attacker trying to steal your digital wallet."

Of concern to Boland is the use of "crypto".

"Maybe people think that because it's using crypto it's somehow safe -- it's not," he said. "The crypto that's in them is almost incidental to their use, they are essentially a digital file or a set of digital files that prove ownership over something and those files can be stolen -- that's what criminals do, criminals steal files, they steal data, credentials -- and that's all we are talking about here with cryptocurrencies."

The increase in cryptocurrency ownership and value has also seen the amount stored in digital wallets at cryptocurrency exchanges grow significantly. Boland believes the exchanges, particularly those run by smaller organisations or one-man bands, are struggling to keep up with the load and are themselves becoming targets for criminals.

"We've seen DDoS attacks against them; we've seen different groups targeting cryptocurrency exchanges trying to steal the currencies they hold; trying to garner information on how they operate, particularly how they operate their KYC processes for anti-money laundering; we also see them try and understand who are the insiders, who are the people that might work there to conduct other crimes," he explained.

"It's fairly similar to how we see criminals try to understand how banks work, now they're targeting cryptocurrency exchanges who have a good understanding of security, but they're all relatively small organisations and they're struggling to cope with load so they might take their eye off the ball a little bit."

With the price of one Bitcoin currently sitting at $17,068.26 at the time of writing, Boland said if the exchanges are struggling with load, he would not be surprised if they're also struggling with liquidity.

Related Coverage

Editorial standards