2017 has been a banner year for the rise in popularity of cryptocurrencies, the electronic currency used to purchase both virtual and physical goods and services. The largest and best known among them, Bitcoin, has just this week traded above an astounding $8,000, and numerous other cryptocurrencies have been and are being created to take advantage of the mania surrounding them. Their rising popularity and price is occurring while an alarming rash of large thefts is exposing the security vulnerabilities of these currencies. The alarm bells are ringing loudly. Is anyone listening?
Virtual currencies are neither contractually backed by assets or legal currency laws, nor are they controlled by a central authority. They can be sent to or received by anyone with an Internet connection. The first step in trading this type of currency is to set up a virtual wallet where transaction histories are stored. The wallet houses a file of ‘secure’ digital keys used to access a currency address and sign transactions. They are traded by sharing a wallet’s anonymous private identification number with a merchant or peer. Wallets are a way to store the digital documentation of the currency value and grant access to users to spend them.
There are many kinds of virtual wallets, the most popular among them being desktop wallets, Internet-based wallets, and mobile wallets. Desktop wallets offer the most security and anonymity, as a software program that is downloaded onto a user’s computer. Desktop wallets process user transactions, allow users to create new addresses, and store the user’s private key.
Internet-based wallets store a user’s private key online via a main computer or server that is connected to the Internet. Such wallets allow for more flexibility as they connect to a user’s desktop wallet and mobile device wallet. However, Internet-based wallets have greater risks than desktop wallets, since they hold user keys, leaving users vulnerable to any complications resulting from service provision, such as hacking, technical problems, or regulatory issues.
Mobile wallets work via smartphones; Users must download an app to access virtual currencies by phone. They only use a subset of block chain and rely on other networks to ensure all the correct information is there for the transaction to take place.
Like most forms of technology, fraudsters, criminals, and terrorist groups have found ways to exploit virtual currencies for nefarious purposes. Due to their anonymity and untraceability, cryptocurrencies are used for criminal activities such as laundering money, buying and selling illegal goods and services, and transferring money to support criminal or terror activities. Since these currencies are untraceable by governments, they cannot be stopped by regulatory screening processes, and can access any country to send money instantly.
Dark wallets offer users more protection in relation to privacy and identity, which are consistent with Dark Web criminality, such as murder, child pornography, drug and weapon sales, and terror group financing. It has been estimated that more than half of all cryptocurrency transactions are the result of Dark Web criminals, which not only accounts for their resilient popularity, but for their skyrocketing value.
There are a variety of criminal software tool kits for sale on the Dark Web, and virtual currency ATMs exist for ease of use just as they do in the visible legal banking world. Like their legal competitors, software tool kits sold on the Dark Web continually update their products and have purchase options that enable users to ‘subscribe and save’. Some kits are even available on a rental basis and come with free updates and technical support.
While the ‘normalization’ of the use of cryptocurrencies is making more people comfortable with the idea of using them, and while old fashioned greed is spurring more people to invest in them, a familiar pattern has descended on the virtual currency landscape: people are ignoring the alarm bells that are ringing on a variety of fronts. The absurdly high price of Bitcoin - and its wild price gyrations - should alone be enough to prompt consumers to pause before hitting the ‘enter’ button, as should the knowledge that most of the people using such currencies are Dark Web criminals.
But the frequency and size of security breaches should also make consumer wonder just how safe virtual currencies are, for, despite the algorithms and high-tech wizardry attached to them, cyber criminals are finding more ways to penetrate and steal from them. Perhaps the best-known example of this is Mt. Gox. Founded in 2010, it was a Bitcoin exchange that handled an estimated 70% of all Bitcoin transactions by 2014, when approximately $450 million worth of Bitcoin simply disappeared. Mt. Gox subsequently filed for bankruptcy. As of 2016, its creditors had claimed $2.4 trillion in losses. Earlier this month $280 million worth of Ethereum was frozen after the code library of a large provider of cryptocurrency wallets had been ‘accidentally’ deleted from its accounts. And this week, $31 million was robbed from Tether.
The fact is, tens of thousands of cryptocurrency investors (small and large) lose hundreds of millions of dollars each year now. That is also the new normal. In the era of Virtual Terror, there is no such thing as a cyber ‘safe bet’. Any person, business, or government participating in cryptocurrency trading is doing so on the Dark Web, and keeps company with cybercriminals who operate outside the reach of the law. Do you really want to keep company with them? Those investors who choose to ignore this do so at their own peril. As the popularity and price of cryptocurrencies continue to rise, so will the risks associated with investing in them.
*Daniel Wagner is author of the new book “Virtual Terror”, founder of Country Risk Solutions, and managing director of Risk Cooperative.
This article was first published on LinkedIn.