Tenable is the Exposure Management company. Approximately 43,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include approximately 60 percent of the Fortune 500, approximately 40 percent of the Global 2000 and large government agencies. In an interaction with NCN, Mr. Satnam Narang, Sr. Staff Research Engineer, Tenable, shares his insights on the impact of cryptocurrency and digital payment with regard to its increasingly developing threat landscape.
The concept of cryptocurrency still remains a puzzle to many. Please briefly describe cryptocurrency and how it is different from normal currency and digital transactions.
The genesis of cryptocurrency began with Bitcoin, which started with a whitepaper published in 2008 describing a peer-to-peer electronic cash system that is decentralized, meaning it does not require a central authority to govern it. To facilitate this system, Bitcoin pioneered the concept of what is known as a blockchain to keep a digital ledger of transactions. It is secured using cryptographic techniques. Since its introduction, we’ve seen a boom of alternative cryptocurrencies, from Ethereum and Litecoin to Avalanche, Solana and many more. The goal behind cryptocurrencies was to address some of the challenges of traditional finance, making it more globally accessible.
What are the advantages and risks associated with trading in cryptocurrency?
Unlike traditional finance, transactions that occur in cryptocurrency are often irreversible, which is why scammers have flocked to targeting users of cryptocurrency as well as promoting cryptocurrencies to unsuspecting users that know little to nothing about them.
Would you recommend people get involved or trade in cryptocurrency?
I would encourage users interested in cryptocurrency to speak with their financial advisor or to do their own research before investing in cryptocurrency.
In what ways have cryptocurrency and digital payments become enablers for increasing cyberattacks?
The lack of understanding and uncertainty around cryptocurrency creates a ripe opportunity for scammers to take advantage of unsuspecting users. Scammers can move funds around quickly, and use services designed to help obfuscate their transactions, making them harder to trace (though not entirely impossible). Because at its core, cryptocurrency is centered around decentralization, it makes it harder for users to recoup stolen funds.
What role has cryptocurrency played in 2022 in ransomware attacks? What do you foresee for 2023 in this area?
Ransomware historically used to rely on gift cards and prepaid debit and credit cards as their form of soliciting ransom from their victims. However, cryptocurrencies have made it that much easier for ransomware groups to siphon off anywhere between hundreds of thousands to millions from their victims, especially now that cryptocurrency has become more mainstream.
What are some of the tactics cryptocurrency scammers utilise today in the age of social media and digital normalcy?
A lot of the tried and true techniques still work. The most common is the advanced-fee fraud tactic, whereby scammers will promote fake giveaways on social media from known individuals like Elon Musk as well as known cryptocurrency figures like Vitalik Buterin, co-founder of Ethereum. These giveaways talk about how users can double their cryptocurrency by sending a small to large sum to a cryptocurrency address and they will receive back double. Naturally, this never occurs. However, what has grown in the last few years are phishing attacks, where scammers impersonate websites of known cryptocurrency protocols like Arbitrum Foundation, zkSync, and non-fungible token (NFT) (also known as digital art) projects like Bored Ape Yacht Club, Azukis and other smaller projects. By creating these phishing sites, they convince users to connect their digital wallets to the websites, giving them the ability to transfer out all funds and NFTs from a victim’s wallet.
How can business leaders and organisations best prepare their digital assets from cryptocurrency-related hackers in 2023?
The most secure way to protect one’s digital assets from hackers is to store them on a cold storage solution, such as a hardware wallet, paper wallet or offline computers. They are not immune to theft or loss, but they are more secure than storing them in hot wallets, which are software-based cryptocurrency wallets like browser-extensions like MetaMask, Trust Wallet, Coinbase Wallet, and others, which are more susceptible to phishing attacks.
How is Tenable helping individuals and organizations to protect themselves from cryptocurrency scammers?
While Tenable does not offer any type of solutions for cryptocurrency attacks, I strive to keep users informed about the types of scams that are out there through blog content and interviews to spread awareness and hopefully save users from falling victim to these scams.
If you have an interesting Article / Report/case study to share, please get in touch with us at editors@roymediative.com/ roy@roymediative.com, 9811346846/9625243429.
