When most people think of cryptocurrency and blockchain technology, the first thing that comes to mind is Bitcoin. As Corey Nachreiner, CTO at WatchGuard Technologies, explained to me via email, while Bitcoin was the first cryptocurrency and remains the most popular, there are actually many different crypto coins in existence. Other coins like Ethereum, Litecoin and Monero all maintain total market capital over $1 billion. Each new cryptocurrency brings new innovations to their respective blockchains. Ethereum’s blockchain, for example, acts as a fully decentralized computer capable of running applications. However, these additional blockchain features introduce new security considerations.
Nachreiner predicted cryptocurrency is going see its worth crash because a major vulnerability will be discovered, stating:
Ethereum already saw a near-50 percent drop in value back in 2016 when hackers exploited a vulnerability in a popular blockchain application to steal more than $50 million in Ethereum cryptocurrency. Since then, bug bounty programs and public code reviews have become a major part of blockchain development, but attacks have continued, including one that targeted a popular Ethereum multi-signature code wallet and made between $100 and $500 million in Ethereum permanently inaccessible.
As the value of these cryptocurrencies grows, they will become much more appealing targets for cyber criminals looking to make millions. We predict that hackers will find a vulnerability severe enough to completely wipe out a popular cryptocurrency by destroying public confidence in its security.
We’ve already seen proof that cryptocurrencies have serious security issues. Imperva’s Q3 2017 DDoS Report showed that bitcoin exchanges are among the most-attacked types of websites, with nearly 80 percent of all of related websites coming under attack. And then there was the recent hack of cryptocurrency marketplace NiceHash that resulted in more than $64 million stolen. As cryptocurrencies become more accepted, we have to assume these marketplaces and exchanges will be favored targets of hackers.
But it isn’t just that they will be cybersecurity victims. Bitcoin and other cryptocurrencies have played a key role in cybersecurity issues in 2017. Bitcoin is often the payment of choice for cybercriminals in ransomware attacks. Expect that to get worse, Michael Klatt, VP of research and development with DomainTools, predicted, telling me via email that he thinks cryptocurrency will embolden identity theft ransomware attacks:
Cryptocurrency was a “killer app” and enabled and fueled the growth of ransomware and related ransom threats in 2017. This will continue to grow in 2018 to include holding identities for ransom. Users will receive emails or phone calls telling them that their SSNs and other information has been compromised (with evidence) and then instructed to pay via bitcoin to prevent the data from being leaked.
So in 2018, expect cryptocurrencies to be both the target of attacks and enablers of a growth in ransomware.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba