August 23, 2018 By Kacy Zurkus 3 min read

Can you imagine if the dark web existed in the time of William Shakespeare? The soliloquies of “Othellos” nefarious Iago might have expounded on cryptocurrency securities, yet he’d likely turn around and encourage Roderigo to infiltrate your digital wallet to “put money in thy purse.”

In the play, Iago actually says, “Who steals my purse steals trash; ’tis something, nothing; ‘Twas mine, ’tis his, and has been slave to thousands.” It’s a noble thought, but those who have been victims of cryptocurrency theft most likely disagree.

According to a recent report from Reuters, cybercriminals stole $761 million worth of cryptocurrency in just the first six months of 2018. That’s nearly three times the total for all of 2017, which was a whopping $266 million, serving as evidence that malicious actors are still finding new ways to fill their digital purses.

Pursing the Threat

What does that extraordinarily high level of theft mean for cryptocurrency securities? Certainly, the current lack of regulations is a factor in the volatility and vulnerability of the market, since decentralization allows criminals to hide their identities. The currency exchanges can’t be traced, which has given rise not only to theft, but also to criminals using cryptocurrency to engage in all sorts of illicit activity, virtually without consequence.

For those reasons, there has been a lot of talk about cryptocurrency securities, with many pointing to regulations as a viable solution. While the goal of regulations is to protect investments and safeguard against fraud, there are also those bitcoin purists who resist them because, according to Shimon Brathwaite, Founder and CEO at ThreatTracer, the regulations would grant the government “control over citizens’ transactions that are all [currently] anonymous with no central body controlling them.”

Will Regulations Rescue or Restrict Crypto?

Discussions of governments regulating cryptocurrencies have grown more mainstream and begun to affect the market, but the goals of regulations go beyond reducing fluctuations in value. In fact, cryptocurrency regulations will have a huge impact on the digital currency space, said Mark Szyszkowski, co-founder of the Cryptocurrency Regulatory Commission Project.

One likely impact, according to Szyszkowski, is that roughly 85 percent of the more than 1,000 different cryptocurrencies currently in the marketplace will fall away overnight once the regulations are put in place.

“We will see that there will be less volatility, but we won’t see this until well into 2019” if we begin regulating now, Szyszkowski said.

Before that can happen, the U.S. Securities and Exchange Commission (SEC) needs to do its due diligence, which is why Szyszkowski encouraged the agency not to consider an exchange-traded fund for bitcoin earlier this month.

“To date, the SEC and CFTC [Commodity Futures Trading Commission] have not formally labeled Bitcoin as a commodity or a currency,” Szyszkowski wrote to the SEC. “The SEC has stated that Bitcoin is not a security, and sees it as a commodity, but the true nature is still a digital asset, a virtual currency based on code, which at this time does not have any classification in SEC, CFTC, or FINRA [Financial Industry Regulatory Authority], definitions or regulations.”

Technology enables faster transactions, which is why regulation supporters want to move quickly, but patience is key to getting it right and building out effective security.

“Governments need to require that cryptocurrencies vendors have adequate contingency plans, such as insurance and disaster recovery plans,” Brathwaite said.

Of additional concern is the need for a universal framework that will ensure the interoperability of cryptocurrency exchanges globally. That’s not to say cryptocurrency shouldn’t be regulated. Rather, correction needs to happen, but it has to happen responsibly, which leaves many people sitting and waiting on regulations before they know what they can do.

Should We Keep Cryptocurrency Securities Waiting?

When it comes to cryptocurrency, there is a lot to consider — not only from financial and consumer protection perspectives, but also from a cybersecurity standpoint.

“Any form of fraud done inside or outside of the cryptocurrency ecosystem is a key concern for citizens,” said Mate Tokay, chief operating officer (COO) of Bitcoin.com. “Ensuring consumers are protected from forms of fraud such as identity theft and hacking is a crucial element of cryptocurrency’s evolution.”

For that reason, many believe that cybersecurity professionals should not wait for government regulations. According to New York attorney and cryptocurrency writer Eric Pesale, cybersecurity should be front-of-mind as governments consider how to regulate cryptocurrencies.

“Having uniform cybersecurity standards in place can make these exchanges safer for first-time investors to dip their toes in,” he said. “They can also in turn reduce the likelihood of cryptocurrency flash crashes, exchange downtimes and theft, much of which can be traced back to cybercriminal activity on these platforms.”

Waiting to see what happens with regulations before deciding how to handle cryptocurrencies, on the other hand, would not be a good move for the cybersecurity industry. As Brathwaite put it, “A delayed reaction by cybersecurity professionals waiting on regulations to be made will only make hacking easier for attackers.”

While the world waits for cryptocurrency regulations to come to fruition, the cybersecurity industry should not stand idly by. Instead, it should forge ahead and leverage technologies such as blockchain and artificial intelligence (AI) to develop cryptocurrency security strategies that are built to last.

More from Banking & Finance

Exploring DORA: How to manage ICT incidents and minimize cyber threat risks

3 min read - As cybersecurity breaches continue to rise globally, institutions handling sensitive information are particularly vulnerable. In 2024, the average cost of a data breach in the financial sector reached $6.08 million, making it the second hardest hit after healthcare, according to IBM's 2024 Cost of a Data Breach report. This underscores the need for robust IT security regulations in critical sectors.More than just a defensive measure, compliance with security regulations helps organizations reduce risk, strengthen operational resilience and enhance customer trust.…

Unveiling the latest banking trojan threats in LATAM

9 min read - This post was made possible through the research contributions of Amir Gendler.In our most recent research in the Latin American (LATAM) region, we at IBM Security Lab have observed a surge in campaigns linked with malicious Chrome extensions. These campaigns primarily target Latin America, with a particular emphasis on its financial institutions.In this blog post, we’ll shed light on the group responsible for disseminating this campaign. We’ll delve into the method of web injects and Man in the Browser, and…

PixPirate: The Brazilian financial malware you can’t see

10 min read - Malicious software always aims to stay hidden, making itself invisible so the victims can’t detect it. The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan (RAT) malware that heavily utilizes anti-research techniques. This malware’s infection vector is based on two malicious apps: a downloader and a droppee. Operating together, these two apps communicate with each other to execute the fraud. So far, IBM Trusteer researchers have observed this…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today