At a cursory glance, the cryptocurrency landscape looks an awful lot like the old Wild West - lawless, volatile, open; no viable law enforcement in sight. But is there also a more positive side to blockchain technology?
We've all seen the headlines. Bitcoin's rise and fall, high profile hacking attacks, and ICO fly-by-night scam teams riding off into the sunset with investor money. At a cursory glance, the cryptocurrency landscape looks an awful lot like the old Wild West - lawless, volatile, open; no viable law enforcement in sight.
Transactions are sent anonymously by faceless villains on the darkweb for illicit dealings. Lack of central authorities have lead to crypto's ban in at least five countries, and its surging value makes it increasingly attractive to cyber-criminals. So the question remains: Are cryptocurrencies more than just a way for criminals to get paid anonymously and avoid tax?
A response to the 2008 financial crisis
To get to the root of the issue, it's worth remembering why cryptocurrencies came about in the first place. Bitcoin, the world's first cryptocurrency, emerged in response to the 2008 financial crisis. It was an open source project to allow for a transparent economy, in which individuals could be responsible for their own wealth.
The lack of centralisation meant that people could transact globally without the need for intervention or permission from institutions, at a time when trust in the banking system was at an all-time low.
Head of Red Team Services at CyberArk, Shay Nahari, explains, “The original idea behind cryptocurrencies was to provide a way for network computers to anonymously complete transactions. And today there are credible and legitimate services online and in retail that use cryptocurrency as a form of payment”.
Cryptocurrency has also been successfully used to complete many an international transfer, bypassing hefty banking fees and avoiding lengthy delays. Yet, the anonymity of cryptocurrency makes it a magnet for delinquents of all stripes, particularly on the darkweb.
Cryptocurrency adoption by criminals
Not only are tax evaders and drug barons willfully using it to fly below the radar and move vast sums of undeclared money around, but hackers have discovered the weak links, as well.
Despite the much marketed “anonymity” of Bitcoin, all transactions are visible, and this provides law enforcement authorities with enough data to uncover hackers' identities. It's also brought about a rise in the usage of altcoins (Bitcoin alternatives).
Currencies like Monero, that have been designed to be secure and untraceable, are gaining favour in the underground world for protecting the user identity and keeping follow-up transactions anonymous.
Nahari remarks, “Together with the fact that Monero was designed to still be effectively mined with CPU and not just special hardware, and the fact that due to its anonymity, accounts cannot be blacklisted (even if they are identified as malicious) means that bots of infected machines can generate large amounts of money for the attackers while still being almost resilient against law enforcement. As a result, Monero use on the darkweb has risen and its price has risen along with it”.
While all this sounds like a veritable hotbed of malevolent activity, it's pertinent to remember that digital currencies are not the only vehicle for carrying out nefarious deeds. It's well known that the US dollar is the criminal's bill of choice when it comes to money laundering and drug trafficking.
And while it's true that both currencies can be used for legitimate and illegitimate purposes, cryptocurrency is inherently more trackable than fiat currency. In many countries, the US included, national regulations already require cryptocurrency purchasers to undergo Know Your Customer/Anti-Money Laundering (KYC/AML) protocol before being able to invest.
Moreover, despite the fact that the public at large rarely comes across US$ 100 bills, they make up a massive 80 percent of all US currency.
Large notes in outside currencies have caused a problem for a while now, for their propensity to facilitate criminal activity.
Jennifer McEntire, manager of financial crime compliance strategy at LexisNexis Risk Solutions comments, “When you look at money laundering overall, that actually occurs and is easier with traditional currencies. Bulk movement of cash and hand to hand cash transfers are far more common and easier to execute by most people, while remaining truly anonymous. If you're using a cryptocurrency in an exchange platform, it's likely that you're leaving a digital trail in emails, text messages, and device usage. You're not as anonymous as you think you are”.
Not all cryptocurrencies were created equal
When Bitcoin value soared to just shy of US$ 20,000 in December of last year and promptly plummeted back down to under US$ 7,000 in a few short weeks, it became pretty clear that such rampant volatility rendered its usage as a currency challenging, to say the least.
Says McEntire, “Many people in the United States are seeing it as an investment vehicle, they're seeing the games that are happening. So I think that it can be dangerous in some ways, but not necessarily more dangerous than our traditional markets. Our traditional markets are also volatile. Cryptocurrency isn't going to go away but the volatility... I would liken and compare to our traditional markets."
Actually the volatility of cryptocurrency isn't unique. Even gold, that is historically viewed as a stable asset, has experienced similar surges and crashes over the decades.
Jeremy Epstein, leading speaker on blockchain innovation and CEO of blockchain marketing agency NeverStopMarkerting comments, “The volatility comes from the fact that we are seeing the birth of an entirely new asset class. It's the first digitally-native currency, built specifically for digital. That's not the case with our existing fiat systems. As such, it's tough for all of us to understand how it works and how to value it”.
And while cryptos are often labelled as being “volatile”, not all cryptocurrencies were created equal. There are plenty of stable-value cryptocurrencies on the market whose value is pegged to another asset, such as the dollar. Naturally, corporate treasurers are risk averse and, as adoption becomes more widespread, payments will likely be made using these types of cryptocurrencies, rather than the wildly fluctuating Bitcoin or Ethereum.
Cryptocurrency, blockchain and cyber-security
Just as cryptocurrency has different uses, so too, does the blockchain. One of which will undoubtedly change the face of cyber-security in the not-so-distant future. Cyber-crime remains a constant threat and thorn in the side of many an IT department, costing the global economy some $US450 billion a year.
“Equifax is exhibits A-Z on this. Our current IT systems are not built to hold the amount of data that they currently have, particularly personal data. We're vulnerable because of centralisation. Decentralising and securing the data stores provides greater security”, Epstein remarks.
Because blockchains create an audit trail of all activity by its participants, the process of access control and monitoring is greatly simplified, and can remove human manipulation and error. Thanks to cryptography, blockchain offers practically impenetrable security - the sheer possibilities of combinations in the encryption would take a typical modern PC trillions of years to go through.
Paul Brody, global innovation blockchain leader at EY asserts, “Blockchains are possibly the most secure information technology ever invented. It is, for all practical purposes, impossible to counterfeit Bitcoin or alter transaction histories in these systems. Blockchains hold the promise of creating vastly more secure online transactions and secure, unbreakable digital contracts between users”.
If blockchain is so secure though, that poses a rather awkward question. Why are we always hearing about hacking, theft, and criminal activity?
Brody has an answer to that. “Cryptocurrency blockchains are public”, he points out, “which allows for increased and earlier visibility when thefts occur. And while blockchains are themselves very secure, they operate in an ecosystem that still has many weaknesses, including human error. While you can't counterfeit bitcoins, you can steal them, and once they are stolen they may very well be gone for good. Various parts of the cryptocurrency ecosystem still require development in order to provide a higher level of security for users”.
Indeed. In fact, EY's own ICO research found that as much as 10 percent of the total funding through ICOs may have been subject to theft or fraud, to the tune of £290 million.
Cyber-security strategist at Juniper Networks, Nick Bilogorskiy, emphasises, “It is important to make a distinction between the technologies of cryptocurrency and blockchain. While the former has been used mostly for nefarious purposes, the latter has plenty of genuine use cases, for example, decentralised storage, and preventing fraud and data theft. Blockchain technology has no single point of failure, which highly decreases the chances of a successful DDoS attack”.
In fact, blockchain is so secure that cyber-criminals are already finding ways of using it to make their own servers hacker-proof.
Cryptocurrencies are just the tip of the iceberg
Just as AOL and email were to the internet, cryptocurrencies are the tip of the iceberg when it comes to blockchain technology. After all, they haven't been banned by the Bank of England and other institutions, despite the growing concern about criminal use cases.
European central banks and regulators, in fact, have a tradition of encouraging innovation (not to mention sniffing out a financial opportunity) and it's becoming clearer by the day that blockchain presents plenty of these.
Kevin Curran, IEEE senior member and professor of cyber-security at Ulster University says, “The blockchain has an important role to play in the security of the Internet of Things in the days ahead. Scaling the Internet of Things will prove difficult using traditional centralised models. There are also inherent security risks in the Internet of Things, such as disabling them should they become compromised and become parts of botnets., which has become a serious problem already... Blockchain technology could potentially allow billions of connected IoT devices to communicate in a secure yet decentralised ecosystem, which also allows consumer data to remain private”.
Moreover, according to Brody, we can soon expect to see the blockchain touching most areas of our lives. “Cryptocurrencies - and the blockchains they run on - are a technical revolution that should enable a transformational set of new business technologies. It offers secure, reliable, disintermediated collaboration between companies doing business with each other. We think everything from the digital media business to supply chains will be transformed with this technology in the coming years”.
From empowering and connecting people currently overlooked by the legal and banking systems, to resolving electoral fraud, creating transparency in the supply chain, and reducing costs; the potential of the blockchain is practically limitless.
But it isn't all utopia yet.
While blockchains themselves are natively secure, secondary software, such as wallets and exchanges, are often notably less so. Ownership of open source projects remains an under-addressed issue that may ultimately impact version updating and liability. Smart contracts rely on oracles to report external data, and this technology is still underdeveloped and problematic.
Regulation remains the elephant in the room. Everyone agrees that regulation in some shape or form will have to take place, but no one agrees on what it will look like, the form it will take from jurisdiction to jurisdiction - or the impact it may have on curtailing blockchain innovations.
Until these teething troubles are resolved and we begin to gain a better understanding of the technology, cryptocurrencies may continue to be hijacked by bottom feeding lowlives to facilitate their lifestyles. But whatever your stance on digital money, you'll surely agree there's a lot more to crypto than meets the eye.
Contributed by Christina Comben, Cybersecurity writer.