11 Feb Meet Cybercrime’s New Market Entrant: Cryptocrime
2019 Cybersecurity Almanac arms the public with information around the cyberthreats to cryptocurrencies
– Steve Morgan, Editor-in-Chief
Northport, N.Y. – Feb. 11, 2019
Cryptocrime is an emerging segment of the cybercrime ecosystem. One report estimates that hacks on cryptocurrency exchanges suffered roughly $1 billion in losses during 2018. That figure barely scratches the surface of global cryptocrime damages.
Cryptocrime Data Points:
- Cybersecurity Ventures predicts that by 2021 more than 70 percent of all cryptocurrency transactions annually will be for illegal activity, up from current estimates ranging anywhere from 20 percent (of the 5 major cryptocurrencies) to nearly 50 percent (of bitcoin).
- Around $76 billion of illegal activity per year involves bitcoin, which is close to the scale of the U.S. and European markets for illegal drugs, according to a study published by the University of Sydney in Australia, ranked as one of the top 100 universities globally.
- The cost of the 2018 Coincheck hack, the biggest cryptocurrency heist to date, was $530 million. 523 million NEM coins (known as XEM) had been stolen from a hot wallet (a wallet connected to the Internet), allowing hackers to drain the coins into a separate account. The cost of those stolen coins has since declined dramatically.
- Cryptojacking is illegally mining cryptocurrencies, and it’s gaining ground on ransomware as a favorite revenue stream for cybercriminals. The problem is so severe that Google announced it would ban all extensions that involved cryptocurrency mining from its Chrome browser. SIM swapping is on the rise and poses a major threat to cryptocurrency account holders.
- Cryptojacking was one of the fastest growing cybersecurity threats in 2018, with 25 percent of all businesses already falling victim to it.
- A report from the Cyber Threat Alliance (CTA) indicates a massive 459 percent increase in the rate of cryptojacking, through which hackers hijack computer processing power to mine cryptocurrencies such as bitcoin and Monero.
- Cryptojacking participants can use more sophisticated means to evade detection — and according to one study only around 50 percent of malicious attacks are detected.
- On average, most cryptojackers don’t earn much. 1 out of every 500 of the top million Alexa-ranked sites hosts cryptojacking code. The ten most profitable cryptomining sites identified generate between $119 to $340 per day, according to academics at Braunschweig University of Technology in Germany. It remains to be seen how many cryptojackers will revert to ransomware, and data theft and resale on the Dark Web for higher payouts.
- SIM swapping attacks have stolen tens-of-millions of dollars worth of cryptocurrency. The compromise involves tricking a mobile carrier employee into rerouting a subscriber’s phone number to a hacker’s SIM card. This enables the perpetrator to intercept the victim’s messages — including 2FA codes — which helps locate the private keys used to access a cryptocurrency account. The first hacker convicted of SIM swapping was sentenced to 10 years in prison.
These data points were extrapolated from the Cisco/Cybersecurity Ventures 2019 Cybersecurity Almanac, a narrative of the cyber threat to humanity, the cybersecurity economy, and the progress being made by the cybersecurity industry.
– Steve Morgan is founder and Editor-in-Chief at Cybersecurity Ventures.
– Steven T. Kroll, public relations specialist and staff writer at Cybercrime Magazine, contributed to this story.