The Security Impact of Rising Cryptocurrency Prices


Posted on

The cryptocurrency market has been on a wild ride over the past two quarters, as Bitcoin, Ethereum and many other cryptocurrencies experienced wild daily price swings and all-time highs. As a result, the entire cryptocurrency market cap hit $2 trillion for the first time in history! While this crypto bull run might be great for speculators’ finances, rising cryptocurrency prices also come with potential cybersecurity implications. Let’s explore the top security concerns facing businesses and investors alike today.

Cryptominer Popularity Cybercriminals use cryptominer malware to hijack victims’ devices and use the processing power to secretly mine cryptocurrencies for themselves. The prevalence of these attacks correlates directly with cryptocurrency market cycles. While these types of attacks have existed for quite some time, they came to the forefront in 2017-2018 as cryptocurrency values skyrocketed to record levels during the last bubble. Back in Q1 of 2018, we saw several cryptocurrency miners appear for the first time ever in WatchGuard’s list of the top malware variants. This coincided with the previous all-time highs before the current bull run of 2020-2021.

We’ve seen this correlation play out regularly over the past several years. Endpoint threat intelligence from our latest Internet Security Report shows that as prices started trending upward after 2018-2019 lows, the volume of cryptominer malware detections was 25% higher in 2020 than in 2019. We expect this trend to continue as the cryptocurrency market cycles rise and fall in the coming years.

It’s also important to note that even when the market crashes again, cryptominers won’t go away completely. Cybercriminals will continue adding cryptominer modules to existing botnets to generate passive cryptocurrency income. Since most of these threats originate via phishing messages, the simplest ways to reduce your risk are to treat all links and attachments in any form of unsolicited communication with extreme skepticism. To cover all of your bases, be sure to also keep web browsers and extensions up to date with the latest security patches.

Ransomware Repercussions Whenever you’re talking about cryptocurrency and security, ransomware will undoubtedly come up. Modern ransomware uses strong encryption with unique keys per victim and demands payment in popular cryptocurrencies (especially privacy coins like Monero). Rising cryptocurrency prices impact ransomware in a few ways.

First, many of these attacks include a set coin amount (one Bitcoin, five Monero, etc.). And as prices continue to soar, ransomware demands can become much more expensive. Additionally, transaction fees go up in tandem with prices. These are both factors that businesses and individual victims consider when deciding whether or not to pay up.

The best way to deal with ransomware is to avoid infections in the first place. Leverage multi-factor authentication whenever possible to prevent attackers from leveraging your credentials to launch a ransomware attack, as well as advanced, behavior-based anti-malware services to detect and remediate ransomware variants before they can take hold.

Social Media Scams Cryptocurrency going ‘mainstream’ has other ramifications too. Higher prices mean more attention from investors. And since attackers go where the money is, this also means more scams and trickery.

The infamous Twitter hack of 2020 is a perfect example of how crypto scams spike during major market moves. An attacker made $100,000 by taking over high-profile Twitter accounts and promising users they would double any Bitcoin sent to a specific address. Some saw this as a blatant scam, but many didn’t. These tactics are kryptonite for the type of highly enthusiastic new investors that are drawn into the market by wild price increases (and many crypto scams are just as successful despite being far less sophisticated and believable).

Individual investors should approach every cryptocurrency transaction and request with extreme caution and skepticism—and always verify the authenticity of the person or site in question before making any moves. At the same time, high-profile public figures and companies should be on the lookout for cybercriminals attempting to leverage their names or take over their online properties to make attacks seem more credible and legitimate.

These are just several of the security implications that accompany significant cryptocurrency price increases, but there are many other methods hackers use to take advantage as well. The good news is that as cryptocurrency becomes more popular, more eyes will be on it—including more good guys paying attention.

This means it will likely become easier to track online cryptocurrency theft and extortion payments back to the criminals. In fact, the FBI’s Recovery Asset Team (RAT) highlighted one incident in its recent 2020 Internet Crime Report (p. 12) where they were able to track down a fraudulent wire transfer even as the criminal attempted to launder it through cryptocurrency. The attention and capabilities of organizations like this are a positive development and will go a long way toward helping to rectify and even deter online crime.

While no one knows for sure how cryptocurrency prices will fair in the coming weeks and months, businesses and individuals must remain vigilant and on guard against these types of security risks. Keep the above criminal tactics and defensive tips in mind to avoid falling victim to the cyberattacks we know rise in popularity during cryptocurrency bull runs.

ransomware phishing security awareness

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment.  Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA® Conference, RSA Security LLC or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.


Share With Your Community