Throughout the first half of 2018, several major incidents have had a profound impact across the cybersphere, and we are beginning to see their full ramifications.
CRYPTOCOIN’S CRASH
One of the most significant trends that has shaped the online environment is the meteoric rise and recent crash of cryptocurrency, which has impacted the global economy in a way that’s reminiscent of the dot-com crash in the early 2000s. At its height, cryptocurrency, led by the likes of Bitcoin, Ethereum and Litecoin, represented the first real promise of large-scale financial decentralization. Starting as a fringe concept, it was on the verge of becoming a mainstream and legitimate fiat, until its promise fell flat. In fact, many have [1] called crypto’s 80 percent dive worse than the dot-com crash.
That being said, criminal actors still exploited the situation. North Korea took a prominent role and has evolved from a fairly minor nation-state cyber entity to a formidable criminal actor. This, in conjunction with the ever-growing proliferation of advanced persistent threat groups (APTs) and advanced attack tools in China and Russia, has prompted governments and law enforcement agencies to seek measures to curb this tide of rapidly evolving threats. We have seen the results of this effort in recent months. These include the arrest of the head of the Russian criminal group FIN7, and the indictment of the North Korean hacker allegedly behind major attacks including WannaCry. [2]
Another such effort was Operation Darkness Falls, an FBI-led international operation that took down multiple top Darknet vendors. This was the latest notable law enforcement action against illegal Darknet trade, which has been one of the key channels of cryptocoin use. Consequently, throughout 2018, Darknet activity has experienced a significant scale-turn, with many actors abandoning Darknet markets and either moving to private Darknet forums or to clear-web platforms [3] such as Telegraph.
Furthermore, due to diminishing returns following the crash of many cryptocurrencies, cryptomining attacks, aka cryptojacking, are no longer as cost-effective as they were in mid-2018. [4] While cryptomining is still relatively widespread, in Q3 many actors appeared to have shifted their focus back to more traditional and lucrative criminal venues such as ransomware and Business Email Compromise schemes — now with the added benefits of new funds, tools and experience.
THE EROSION OF INFO-SECURITY
Another continued trend is the erosion of basic recommended info-sec behavior amongst individuals, companies and organizations. Cynical net-neutrality laws, consolidation of personal data among a handful of companies, growing dependency on interconnected devices (IoT) [8], and the constant barrage of online threats and data breaches have all fatigued the general population on this matter. Moreover, a recent report [9] found that more than 90 percent of U.S. retailers’ websites are noncompliant with the industry security standard, the Payment Card Industry Data Security Standard (PCI DSS). For example, it was recently reported [10] that customers of online retailer Newegg had their cards skimmed for a full month, and a U.S. government payment service exposed records of more than 14 million customers because of a website error. [11] In response, many individuals are giving up on obtaining full control of their digital presence, accepting ‘transparency’ in return for convenience. Beyond the ethical privacy implications of this issue, the immediate ramifications are that malicious actors increasingly leverage the complacency of employees and organizations to execute seemingly basic attacks with potentially severe outcomes.