Growing Cybersecurity Threats That Must Be Addressed — and Soon
“You cannot protect yourself if you don’t have any visibility.”
Certain threats are growing that we cannot see without special tools. If we cannot see them, how can we protect ourselves?
The bad news? You can’t.
However, the good news is there are ways to expose these threats before they get to you.
You Cannot Defend Against What You Cannot See
Every time technology advances, new threats, and vulnerabilities emerge. More companies today than ever have been impacted by cyberthreats and still have no idea what hit them. In fact, a survey conducted by Balabit, a security firm, revealed that “a large majority of businesses admitted in the survey that they knew next to nothing about the nature of the security breaches that were plaguing their systems.”
We’re not talking about the typical denial-of-service attack, a piece of ransomware scripted by a mischievous teenager, or even a disgruntled employee doing some damage to a company’s sensitive data in an inside job.
What we’re talking about is a deeper and more insidious threat: getting your cryptocurrencies mixed up with money laundering and terrorism financing.
How does that happen anyway?
How Cryptos May Expose You to Legal Entanglements
Let’s say you make crypto transactions with someone or some people. Now imagine some bad actor somehow launders money into cryptocurrency tokens using mixers, tumblers, and exchange trading. The problem is that these tokens may propagate throughout the crypto sphere and reach your wallet, their origin unbeknownst to you.
Given that blockchain is fully traceable by anyone, a government or law enforcement agency could trace these tokens to their origin. If money laundering is somehow involved, they will want to trace where all these tokens ended up. Right now, there’s no telling what will happen if law enforcement finds out that you hold tokens that originated from money laundering. With the way the wind is currently blowing, governments around the world are increasingly cracking down and you might inadvertently end up in their crosshairs.
Money laundering is an extreme example though. A more common problem will be that if you hold cryptocurrencies, governments will be increasingly suspicious as to whether you are partaking in tax evasion. The IRS recently shocked the world by sending “educational” letters pointedly telling crypto users that they may owe taxes on their gains created by making cryptocurrency transactions.
So how can we own crypto and stay on the right side of the law?
What You Can Do to Protect Yourself
The most important rule is to know who you do transactions with. If you aren’t sure, there are ways to do some due diligence.
One is to verify whether the person you are transacting with is who they say they are. Another is to check whether that person has ever been involved in criminal activities. Finally, keeping good records and documenting every transaction is a way to support your case if a law enforcement agency or tax authority wants to take a deeper look at your cryptocurrency activities.
To summarize, here are three keys to protecting yourself from being associated with legal issues around cryptocurrencies:
● Know who you deal with
● Investigate who you are paying first
● Maintain good records
Fortunately, there are some software solutions that make it easy for you to do this.
Existing Solutions Available Today
Aside from cryptocurrency tax calculators like Bitcoin.tax, there are ways to investigate a cryptocurrency wallet for its legitimacy and any level of involvement with criminal activity before you transact with it. This gives you the peace of mind that you would not be transacting with anyone directly or indirectly involved in criminal activity (and possibly getting in hot water with law enforcement).
A set of solutions are being developed by the Uppsala Security within the Sentinel Protocol project, which consists of a large blockchain-based database containing information about the latest threats.
The Threat Reputation Database
The aforementioned blockchain-based Threat Reputation Database (TRDB) contains whitelists of safe URLs, wallet addresses, and other indicators, as well as blacklists of malicious URLs, known phishing scams, and cryptocurrency wallets verified to be involved with criminal activity.
Imagine that before you transact with a wallet address, you can check this address against the TRDB to see if it has been blacklisted due to illegal activity. If it has, then you simply can decline to proceed with the transaction. If it hasn’t, then you can proceed with peace of mind. A tool developed by Uppsala Security allows you to do exactly that. It is called UPPward, and it can be installed as a Chrome or Firefox browser extension free of charge.
The Crypto Analysis Transaction Visualization Tool
Another solution aimed toward law enforcement agencies helps them track digital funds going into and out of a particular wallet of interest. Criminals can no longer cover their tracks using mixers and tumblers because the Crypto Analysis Transaction Visualization (CATV) tool can follow all the “hops” these tokens undertake to reach their final destination all the way from its original source. This can help speed up investigations that previously had gotten bogged down in attempting to catch criminals cashing out stolen cryptocurrencies.
The Crypto Analysis Risk Assessment Tool
An upcoming new product is the Crypto Analysis Risk Assessment (CARA) tool. Since no identities are associated with crypto addresses, the CARA will help profile these addresses and assign them risk scores based on learned behaviors of both law-abiding crypto users and cybercriminals. CARA uses machine learning algorithms to gather information about the behavioral patterns of criminals while they make crypto transactions. Therefore, CARA will help other crypto users determine the risk level of transacting with a particular wallet address before actually executing the transaction.
With CARA being integrated into Sentinel Protocol, relationships between origin and destination wallet addresses can be mapped out throughout the crypto-verse, providing helpful risk assessment information associated with each wallet address.