Crypto-currencies are changing the security landscape
7 June 2013 | 0
It is impossible to defend against online attacks without understanding who is attacking and their respective motivations, but the emergence of crypto-currencies has the potential to fundamentally alter the security landscape.
According to Mikko Hyppönen, chief research officer, F-Secure, because of the different methods of attack from different attackers it is more important than ever to understand who is doing what.
"It is completely different to try to defend your organisation against a cybercriminal gang who are attacking to make money," said Hyppönen, "compared to trying to defend against a nation state espionage attack. That is completely different to defending your organisation against Anonymous or a movement like that who are neither of these and are not interested in making money or espionage but as a means of protest or to make a point. They are all completely different to each other, using different mechanisms and tools."
"These are the main groups into which I divide current attacks, the criminals, the activists and the governmental activity."
However, those motivated by profit are changing their activities and this could have a dramatic impact for the IT security industry.
Hyppönen said that the growing use of crypto-currencies, such as Bitcoin and Litecoin, have meant that many criminals have changed their activities and are now able to make money from compromised computers without the need for user interaction.
In the past, criminals often targeted a user’s PC to get Paypal passwords, banking credentials or credit card details. But now, many hackers and criminals are simply targeting machines to create or enlarge botnets.
These botnets would have been commonly used for the likes of spam relays or denial of service attacks, but now said Hyppönen they are being used to mine Bitcoins.
Bitcoins are merely numbers that are generated by an open source cryptographic protocol. But to transfer ownership of one, there is a complex set of calculations that must be completed to verify ownership and transfers. This process is known as Bitcoin mining. The processing protocol can also produce new Bitcoins as reward for those who control the Bitcoin mining networks.
"Bitcoin mining and making money with Bitcoin botnets changes this picture because now suddenly there are very concrete, working mechanisms of making significant amounts of money from computers which have no users."
"This is happening right now. This is unique-it is something we have never seen before with malware. It is a criminal botnet where the infected computers unwillingly become part of useful peer to peer network."
"When you have a machine doing Bitcoin mining, it is not just doing mindless puzzles, it is actually confirming transactions with other Bitcoin users in the same peer to peer network. The more miners there are, the more secure it is.
"We have never before seen beneficial, or benevolent, botnets," said Hyppönen.
By having a sufficiently large botnet to Bitcoin mine, the botnet controllers can make significant amounts of money. Hyppönen said that in the last few years, Bitcoins have gone from being valued at about $2 a piece to currently being worth about $130.
The lack of central processing means that crypto-currencies are very difficult to control, said Hyppönen.
"I don’t think these crypto currencies can be stopped, that’s the whole logic of them. There is no central choke point because there is no central bank. There is only a peer to peer network, so it would be as hard as stopping torrent traffic."
"Banks hate Bitcoin because they make banks irrelevant. Governments haven’t been nearly as critical of Bitcoin as banks have, and using Bitcoin isn’t illegal in any way, just as using gold isn’t."
Increasingly, criminals are trading in Bitcoins or Litecoin and then turning those back into traditional currency, said Hyppönen, and it is expected the closing of Liberty Reserve will make the likes of Bitcoin and Litecoin more popular.
But there is a further serious implication in this development, warned Hyppönen. As we move toward an Internet of Things, where everything from cars, to toasters and fridges have inbuilt computers, IP addresses and connectivity, they may become targets for hackers.
Previously there was no real reason to target these things, argues Hyppönen, but now Bitcoin crypto-currency mining gives a motive to target them and changes the risk profile of such devices.
Mikko Hyppönen will be talking about these and other topics in Dublin at Enterprise Technology World from 17-18 June.