While cryptocurrency has experienced volatility in the last year or so, many finance experts tout it as the future. In fact, Elon Musk has gone so far as to suggest it will be THE currency on Mars when that day comes. But that doesn’t mean that cryptocurrency isn’t without its fair share of concerns. On the one hand, blockchain requires tremendous energy consumption, which has been a concern for many. (Read more about the immense energy these digital currencies require in this Bold story!) Likewise, it’s unclear which cryptocurrency may have staying-power over time. But while these issues are noteworthy, they may not be the most important one when it comes to cryptocurrency. The biggest threat may actually be cryptocurrency hacks and fraud.
Over the last several years, the number of cryptocurrency hacking cases have increased substantially. These as well as other cybersecurity threats are rapidly becoming the highest priority for many businesses and financial institutions. And they’re also becoming major concerns at a state level, given that many cryptocurrency hacking cases seem to be state-supported. Not only have countries like Russia and China been linked to cryptocurrency hacks and fraud. But it’s now apparent that North Korea is as well. It’s therefore important that anyone involved with cryptocurrency understand these risks and their potential repercussions.
“North Korean cybercriminals had a banner year in 2021, launching at least seven attacks on cryptocurrency platforms that extracted nearly $400 million worth of digital assets last year.” – 2022 Chainalysis Report on North Korea
A Recent Uptick in Cryptocurrency Hacking Cases
It’s pretty clear that cybersecurity breaches have increased over the last decade and reflect common threats to companies. This was highlighted recently in Russia’s SolarWinds and FireEye attacks last year. It has also been apparent in a number of hacking events presumed to be led by Chinese intelligence. Clearly, states are now involved in the next-level of warfare involve cyber domains. But Russia and China are not the only ones engaged in this new form of warfare. According to recent reports, North Korea has been actively pursuing cryptocurrency hacks and fraud since 2017.
As reported by Chainalysis this month, North Korea has escalated its efforts in cryptocurrency hacks and frauds. While 4 cryptocurrency hacking cases by North Korea were identified in 2020, this figure increased to 7 this past year. The amount of cryptocurrency stolen totaled $400 million in 2021, representing a 40% increase in value from the preceding year. The number of cryptocurrency hacking cases involving North Korea had declined since its peak in 2017. But the past year’s totals now suggest the country is becoming more aggressive in its cryptocurrency hacks and fraud. North Korea also appears to be more sophisticated in its efforts as well.
“In some instances, the [presumed North Korea] actors used a hacked account of a [venture capital] firm’s employee to have a conversation with the target. Kaspersky researchers found more than 15 venture firms whose brand names and employee names were abused during the campaign.” – Statement by Kaspersky Anti-Virus Software Company
Targeted Cryptocurrency Hacks and Fraud
While cybersecurity breaches can involve nearly any company, cryptocurrency hacks and fraud have been more targeted. As has been evident in North Korea’s efforts, cryptocurrency hacking cases tend to involve investment firms and centralized cryptocurrency exchanges. Many have involved stealing digital coin from “hot wallets,” which is any Internet-connected account that stores, sends or receives cryptocurrency. These are currently the types of sites that appear to be most vulnerable to state-sponsored cryptocurrency hacks and fraud.
In terms of North Korea over the last year, there have been several strategies used in their cryptocurrency hacking cases. Often, phishing lures are used to engage employees working at the various financial institutions. Other approaches have also included code exploits, use of malware, and advanced social engineering. Once obtained, the stolen cryptocurrency is then laundered and used for military purposes. Specifically, North Korea is believed to be using this stolen digital coin to their ballistic missile and WMD programs. Clearly, this heightens the level of concern about the safety of cryptocurrency. (How safe is crypto? Read more in this Bold Business deep dive!)
“These [laundering] behaviors, put together, paint a portrait of a nation that supports cryptocurrency-enabled crime on a massive scale. Systematic and sophisticated, North Korea’s government…has cemented itself as an advanced persistent threat to the cryptocurrency industry in 2021.” – 2022 Chainalysis Report
Sophistication in Digital Money Laundering
Understanding that blockchain offers a decentralized system to validate transactions, cryptocurrency hacks and fraud require elaborate strategies. In cryptocurrency hacking cases, criminals must somehow “launder” their digital coin before they can use it. As North Korea has shown, schemes to accomplish this have become incredibly complex. In fact, a series of steps are taken once cryptocurrency is taken to hide any trail of its original theft. Most commonly, this involves a combination of stealing, exchanging, and mixing digital coins multiple times. After several cycles of this type of cryptocurrency laundering, it becomes quite difficult to trace its origin.
In the most recent cryptocurrency hacking cases, North Korea has targeted several types of digital coins. These not only include Ether and Bitcoin but also ERC-20 tokens and altcoins. In the subsequent digital money laundering process, the stolen coin is initially swapped for another type of cryptocurrency on a decentralized exchange. Typically, this exchange allows greater liquidity when less common coins are exchanged for more common ones. After this, the new digital coins are mixed, where software pools and then scrambles thousands of cryptocurrency addresses. When these steps are performed repeatedly, efforts to track cryptocurrency hacks and fraud become increasingly more difficult.
A New Era of Cyber Warfare
In terms of global politics, cyber warfare is nothing new. For decades now, nations have been investing in assets and strategies to compete at a new level. But cryptocurrency hacks and fraud represent a rising concern within the scope of cyber warfare. The ability to steal not only information but digital coin as well raises the bar with even more at stake. As the number of cryptocurrency hacking cases increase, greater investments into cybersecurity protections and defenses will be required. This is not only true for financial institutions but for state actors as well.