
In 2022 alone, North Korea, or the Democratic People's Republic of Korea (DPRK), reportedly stole more than $1 billion in cryptocurrency from cryptocurrency sector organizations through one of the major hacking organizations, the Lazarus Group. This is up from $400 million in 2021, and these robberies account for a third of all losses due to cyber intrusions in the cryptocurrency sector this year.
Additional disruption in the cryptocurrency sector has already led to increased regulatory demands from financial authorities. Bankruptcies and scandals involving several companies are depressing the industry and the value of cryptocurrencies. Because many of these companies are based in the United States, U.S. regulations are especially important. The central role of the state in both the cryptocurrency sector and efforts to regulate it, and the sector's current turmoil, make now an opportune moment to focus U.S. government policy initiatives on cryptocurrency companies and products.
Given changes in the threat environment and financial system, the United States must change its policy focus accordingly. Lazarus' cryptocurrency theft dates back to at least 2017, and by the end of 2018, the group was responsible for more than half of all losses due to cryptocurrency exchange theft. In early 2019, the United Nations Security Council acknowledged that North Korea's cybercrime operations targeting cryptocurrency exchanges were providing a significant source of additional revenue for the regime. However, in 2020 Lazarus' interest in the cryptocurrency sector surpassed its interest in traditional banks (e.g. Bangladesh Bank), possibly because of mobility constraints caused by the pandemic. COVID-19 and the resulting global lockdowns prevented funds from being liquidated and moved through money mules, Lazarus' favorite tactic, prompting the group to turn to the cryptocurrency sector.
Combined with the unregulated and vulnerable nature of decentralized finance (DeFi) protocols and organizations, the cryptocurrency sector is a high-value target. Widespread vulnerabilities in the smart contracts that manage DeFi assets are increasingly being exploited, and the recent collapse of cryptocurrency exchanges like FTX has reaffirmed the instability of the sector.
Existing policies were largely inadequate and did not address the wide range of pre- and post-compromise considerations. Financial regulation has prioritized targeting money laundering over theft, and existing tools such as prosecution and Financial Action Task Force regulations have proven to be ineffective against intrusions and theft as well as money laundering.
Sanctions imposed by the United States in 2022 on cryptocurrency mixers (platforms used to obfuscate the origin of cryptocurrencies) such as Blender and Tornado Cash have been relatively successful compared to other punitive measures, but intrusions and cybercrime are still rampant. This makes the cryptocurrency sector a lucrative opportunity for Lazarus to capitalize on.
So what should American policy look like?
Among the existing policies, sanctions have shown promise for the laundering aspect of the ecosystem. Last May, the United States imposed sanctions on Blender, a centralized cryptocurrency mixer used by North Korean threat actors. Last August, Tornado Cash was also sanctioned for the same reason, but Tornado Cash continues to operate due to its decentralized nature and cannot be isolated from the financial system like traditional organizations.
Sanctioning services like Tornado Cash theoretically makes it more difficult for threat actors to transfer or launder money from victims or use funds originating from a mixer, creating more opportunities to recover those funds. The effectiveness of sanctions depends on whether they can be enforced, and threat actors are adept at finding ways to circumvent them. However, being sanctioned has reputational implications for an organization, which may affect its use. After Tornado Cash was sanctioned, the mixer's trading volume dropped significantly. Despite these positive early data, there is an asymmetry between the threat and the response. Sanctions against mixers should also include the individuals who founded these companies, as new mixers will emerge in their place and the sanctions cycle will begin again.
Post-theft solutions should also focus on relief for victims as stolen funds are moved and laundered across the blockchain. An open and transparent central breach registry would allow organizations to access information about the latest heists, similar to the crowdsourced tracking of victim payments to ransomware groups. When an organization loses funds, the wallets involved in the transaction would be flagged in real time and could be tracked by investigators and others in the sector. This would increase the chances of seizing and recovering the funds.
Preventive measures are even more important considering the repeated use of the same exploits as the initial infection vector. The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) should issue guidance on how to develop secure smart contracts, as they previously did for developing secure software. In addition to secure coding, products in the traditional financial sector often undergo "red teaming" activities for every release before they are made public. Auditing can be seen as the equivalent for smart contracts in the cryptocurrency sector, ensuring greater due diligence when launching applications. Auditing can be used to identify vulnerabilities and provide assurance to users, ultimately hardening smart contracts against well-known compromise methods.
Although audits are gaining traction in the sector, they are not standardized, performed regularly or mandated. Not only should the National Institute of Standards and Technology (NIST) issue a framework for how to conduct certification audits, but CISA and the Treasury Department should require mandatory regular audits of organizations in the cryptocurrency sector. Additionally, as with other systems that verify suppliers, auditors must be accredited to ensure that the organization providing the service is reputable.
Assuming cryptocurrencies are here for the long term (although we don't know yet), U.S. regulators are doubling down on sanctions against mixers, aggressively tracking theft and the challenges cyber threat actors face in the cryptocurrency sector. Auditing must be institutionalized to solve this problem, especially where Lazarus is concerned.
