CybersecurityDigitalCurrencyCryptocurrencies can be notoriously volatile. With prices fluctuating rapidly and without warning, a single tweet can shift a token price by 40%, only to see the price plummet in a matter of hours. While fluctuations are expected within crypto currency, you need to be able to spot the difference between what is a normal event, and what is a scam.

Common Crypto Scams

  • Initial Coin Offering (ICO) Fraud and Investment Scams
    These are falsely advertised crypto investments, often with fake testimonials and grand promises of industry disrupting cryptocurrencies. These come complete with a well-produced website and marketing strategy, only for any invested money to simply disappear among the supposed “launch” of the currency. These Ponzi schemes of the digital currency era are also known in the community as a “rugpull”.

  • Giveaway Scams
    Celebrities often do giveaways for worthless crypto tokens; many celebrities have often not been aware that this is a criminal offence.

Types of Blockchain Attacks

  • In a Sybil Attack, a malicious actor controls multiple fake identities and tries to manipulate the communication in a P2P Cryptocurrency network.
  • In a DDOS Attack, a malicious actor aims to slow down or halt a digital currency network by overloading it with many transactions. This typically targets newer and smaller networks, as opposed to major networks such as Ethereum or Binance's BSC network.
  • In a 51% Attack, if one person or group controls more than half of the nodes on a blockchain network, they can change the transactions however they want. They may even create falsified transactions and attempt to manipulate pricing.

PII Data at Risk  

The requirement for cryptocurrency exchanges, to implement Know Your Customer (KYC) and Anti Money Laundering (AML) policies, has led to an increased need for the collection and storage of personal information. This information is often sensitive and can include Personally Identifiable Information (PII), including full passport details with associated financial information. This of course becomes not only a regulatory minefield but makes data breaches for crypto exchanges a major incident.

Third Party and Supply Chain Risks

Crypto Exchanges, like any business, rely on third party providers. This, of course, comes with the associated supply chain risks. Once this is coupled with the plethora of sensitive PII held by exchanges for the purposes of KYC and the inner workings of an exchange, Third Party Risk management, and managing data exposure to external parties, is an important consideration.

Ambiguous Regulations

The regulations covering Cryptocurrencies are scattered and lack a centralized solution. This has led to a breakdown in international co-operation when it comes to Cryptocurrency security and regulation.

EU: In the G7 Nations, The Financial Action Task Force (FATF), also known by its French name, Groupe d'action financière, is an intergovernmental organization founded in 1989 on the initiative of the G7 to develop policies to combat money laundering and to maintain certain interest.

This regulation has been coupled with the ‘Markets in Crypto-Assets’ Regulation (MiCA), which is a new EU regulation that could be used as the blueprint for other jurisdictions to follow when regulating crypto-asset related activities.

USA: The SEC and the Treasury in the USA, who have already sanctioned Crypto Exchanges in the past for Financing Terror Groups, face further challenges when regulation is implemented at a state and federal level.

Global: The FCA in the UK, and many other regulatory bodies are watching the trends of these actions, attempting to draft their own crypto-asset regulations. (Source: SecurityHQ)

By MediaBUZZ