The Ongoing Devaluing of Cryptocurrencies and Potential Impact on Cybercrime
“All the [businesses] shared a common trait: They all had value propositions that sounded like platitudes….Every one had a degree of arrogance in the, about changing the world, and none of them had real products aimed at real customers.”
Whilst it may serve as a viable reference to the multitude of emerging cryptocurrency businesses, in fact the quote above is related to the dot-com bubble, which burst in spectacular fashion between March and October 2000.
There are similarities; during the dot-com boom, the barriers to entrepreneurship were lowered by a lack of regulation in an emerging sector with seemingly unlimited growth. The opportunity to invest in online businesses that could be utilized by almost any industry was attractive to heavy investors such as venture capitalists, who often cash out at the point at which smaller investors and individuals are buying shares to secure optimum returns - $43 billion was cashed out by dot-com insiders between September 1999 and July 2000. Unfortunately for the average investor, by 2022 100 million individuals had lost $5 trillion in terms of stock value.
As the direction of an emerging sector is realised, exponential growth followed by a necessary scaling back of unprofitable ventures is not unusual. Cryptocurrencies are no exception, being classed as relatively volatile for the lack of an underlying asset to establish a base value.
Recently, the value of the original cryptocurrency, Bitcoin (BTC) fell to below $18,000 from a high of $64,400 in November 2021. There were various contributing causes, amongst which were the major cryptocurrency exchange Binance and the crypto lending platform Celsius Network halting Bitcoin withdrawals due to unforeseen circumstances in June, and the Terra (LUNA) token crashing from $120 to $0.02 on May 11th 2022.
Current world events are not helping to re-establish investor confidence; inflation is up, food shortages are on the verge of becoming a reality, alongside an ongoing major conflict.
Historically, during trying times, crime rates rise. With the increase in ransomware-as-a-service, where malicious actors gain access to a network and restrict access until a ransom is paid – usually in a cryptocurrency to allow such groups to maintain anonymity. Potentially, the crash in the value of BTC could have long-ranging consequences for businesses vulnerable to cybersecurity compromises.
The decrease in the value of cryptocurrencies could lead to threat actors targeting smaller businesses more frequently in a bid to maintain income; state-sponsored groups may be looking to increase revenue to offset the decrease in their national currency.
For small-to-medium businesses, this could lead to an increased risk of compromise as threat actors look to compromise relatively easy targets even if revenue is relatively low.
Overlooked security issues such as misconfigured DNS, outdated website certifications left public for a threat actor to reuse to gain access, out of date anti-virus products, insecure routers and a lack of adequate system backups could all leave an organisation exposed.
Increasingly, groups undertaking malicious activities are not bothering to encrypt; instead they simply capture a system and proceed to extort the company in exchange for an assurance that PII and other sensitive data will not to be published or sold on the dark web.
How can SMBs avoid being compromised?
Ensure that security basics are covered: map systems, devices, and users – it is impossible to protect against compromise if the attack surface is unknown. Secure basic website functions such as DNS, open ports, logon portals, and require MFA for all users.
Have a plan in the event of a compromise; isolate devices or hosts in question from the network, disable accounts of users involved until their activities are fully investigated, ensure that vulnerabilities are patched and backups performed regularly.