The ransomware attack on Colonial Pipeline hit the headlines in May. Colonial Pipeline decided to pay the hackers who invaded their systems nearly $5 million (75 bitcoins) to regain access. Over the next several weeks, according to Bloomberg, the FBI traced the address of the wallet the criminals gave to Colonial to make the payment. At that point, federal law enforcement seized the assets, recovering 2.3 million worth of the bitcoins transferred.
The FBI said in its request for a warrant that its investigators had in their possession the private key for that cryptocurrency wallet. How they obtained the private key, which is closely held, is unclear. One scenario is that the hackers had chosen to entrust the private key for their Bitcoin to a cryptocurrency exchange, which was forced to hand over the funds to the FBI.
This incident is a reminder of the threat of cyber attacks on critical infrastructure in the U.S. and the use of cryptocurrency in ransomware attacks. Criminals favor Bitcoin and other cryptocurrencies because of the pseudo-anonymous nature of the technology, and because funds in the wallet can be accessed only with a complicated digital key.
It can also serve as a case study of the risks and controls of the cryptocurrency platforms that facilitate the trading of cryptocurrencies.
- Innovation in blockchain explorers, or crypto search engines, means that every transaction can be traced through the blockchain that underlies the technology. The digital ledger publicly records every transaction, with users identified by a string of characters called a “wallet address.” If a third party figures out a wallet’s owner, it can access that person’s entire transaction history.
- When the private key is held in a custodial wallet of the exchange, the funds can be exposed to theft if the crypto exchange’s systems are compromised. Centralized cryptocurrency exchanges like Coinbase and PayPal hold onto the private keys associated with users’ wallets on the platform. Users then rely on the controls in place at the exchange when they leave their Bitcoin or other cryptocurrency there.
Crypto investors who are more sophisticated and security-conscious tend to keep their coins off major trading apps, for example in ‘cold’ wallets and on USB keys. In reaction, the fintech firm Square is reported to be developing non-custodial bitcoin hardware wallets to give investors sole control of their private keys and greater control of their cryptocurrency.
The boom in cryptocurrency investing has made the industry an attractive target for malicious hackers and thieves carrying out frauds, scams and thefts. In 2018, cryptocurrency crimes reached $1.7B in value, according to CipherTrace’s annual Crypto Anti-Money Laundering and Crime Report. This figure soared by almost 165% year-over-year to $4.5B in 2019, before dropping to $1.9B in 2020.
A range of vulnerabilities affects crypto exchanges, from operator error and security flaws to malware that searches hard drives for wallet credentials and private keys. This has led regulators to call for greater protection of customers and investors. Internal controls modeled on established financial institutions include robust verification of new accounts that complies with Know Your Customer (KYC) and Anti-Money Laundering (AML) rules. Since most cryptocurrency services and exchanges fall outside financial services regulations, standards of integrity and security are inconsistently followed.
On the internet you can even find examples of cryptocurrency exchanges advertising that they do not conduct KYC verification of customers; customers are allowed to keep their personal information to themselves. One such exchange is Binance, the world’s largest crypto…