Carole House, Director of Cybersecurity with the White House National Security Council, recently discussed online security issues at the FinCrime Virtual Week.
Blockchain security firm CipherTrace notes in a recent update that headlines such as the Colonial Pipeline Ransomware attack indicate that cybercrime is “on the rise with no end in sight.” The need or requirement for crypto intelligence built from immutable blockchain data has “never been clearer,” according to CipherTrace.
As stated in a blog post published by CipherTrace, attacks on critical infrastructure and financial institutions have “accelerated at an alarming rate.” The Biden administration has noted that “cybersecurity resilience” is now a key priority for the United States government.
A recent US Security Directive “requires owners and operators of Transportation Security Administration (TSA) designated critical pipelines to adopt measures to protect against ransomware attacks and other threats,” the CipherTrace team noted.
House has stated:
“There are responsibilities for the US government as well as private industries to defend their own information and networks.“
Events such as the Colonial Pipeline attack have made it quite clear that what House refers to as “basic cyber hygiene ” must be implemented. Without preventive security, criminals are “getting into critical infrastructure networks,” CipherTrace’s blog noted while adding that Cyberattacks usually lead to economic and “reputational” damage that has “far-reaching effects on the viability of any business.”
As a cybersecurity professional, House has advised the following “preventive’ measures:
- Backing up your systems (ie: disaster recovery), including your images and data configurations
- Regularly testing your back-up plans to make sure they are in working order for effective business continuity
- Frequent update and patching of your IT & network systems
- Creating an incident response planning and testing plan on a regular basis
- Segmenting your networks
Taking such preventive measures, before a cyberattacks actually takes place, should assist organizations with defending against cyber hacks, the CipherTrace team noted while adding that it’s very important for organizations to have a clear plan for what House refers to as a “timely remediation” of a cyberattack.
“Focused” investigation and preventative measures are “necessary,” the CipherTrace team wrote while suggesting that organizations need “to understand what the scope and impact of a cyberattack could be and make them part of a business continuity plan.”
House also noted:
“At some point, it’s likely that there is a transaction going through your ecosystem that has something to do with financial crime. There is a really unique picture that you can offer related to these criminal networks. The unique aspect of criminal networks and cybercrime come when you’re looking at attribution via money laundering channels and cybercrime channels. You may notice very different skills sets used in different networks.”
House also mentioned:
“There is an opportunity for compliance professionals to work with the security centers and to find those indicators of compromise, malicious URLs, e-mail addresses, PII addresses and time stamps associated with these malicious logins. When you’ve identified that there’s an account takeover that has occurred or if you’ve found out that a financial institutions customer was defrauded through business email compromise fraud.”
Any information of this nature that compliance professionals can provide about these malicious should be shared “to help all institutions be prepared to defend against a cyberattack.”
As noted in the update from CipherTrace:
“Just as any financial asset has the possibility to be exploited, so do cryptocurrencies and digital assets. There are always vulnerabilities that criminals can find. Criminals seem to favor cryptocurrencies as the method of payment in the commission of a crime or in the request for ransomware.”
When dealing with cybercrime, it is quite likely that cryptocurrency has been “used for money laundering,” the CipherTrace team noted while pointing out that what was once viewed as only being a wire transfer problem, has now “extended to automated clearing house( ACH) transfers and even the use of gift cards.”
Cryptocurrency has become “more attractive” to criminals because of the “efficiency of crypto cross-border transfers and the speed of crypto transactions.” These features are “attractive” to money launders that may be trying “to fund terrorist or illegal activities.”
But crypto offers “additional traceability and partnership to be able to identity illicit financial trails and to hold actors accountable,” House noted, while acknowledging that there are “positives and negatives with these assets.”
For more details on this update from CipherTrace, check here.