August 23, 2018 By Kacy Zurkus 3 min read

Can you imagine if the dark web existed in the time of William Shakespeare? The soliloquies of “Othellos” nefarious Iago might have expounded on cryptocurrency securities, yet he’d likely turn around and encourage Roderigo to infiltrate your digital wallet to “put money in thy purse.”

In the play, Iago actually says, “Who steals my purse steals trash; ’tis something, nothing; ‘Twas mine, ’tis his, and has been slave to thousands.” It’s a noble thought, but those who have been victims of cryptocurrency theft most likely disagree.

According to a recent report from Reuters, cybercriminals stole $761 million worth of cryptocurrency in just the first six months of 2018. That’s nearly three times the total for all of 2017, which was a whopping $266 million, serving as evidence that malicious actors are still finding new ways to fill their digital purses.

Pursing the Threat

What does that extraordinarily high level of theft mean for cryptocurrency securities? Certainly, the current lack of regulations is a factor in the volatility and vulnerability of the market, since decentralization allows criminals to hide their identities. The currency exchanges can’t be traced, which has given rise not only to theft, but also to criminals using cryptocurrency to engage in all sorts of illicit activity, virtually without consequence.

For those reasons, there has been a lot of talk about cryptocurrency securities, with many pointing to regulations as a viable solution. While the goal of regulations is to protect investments and safeguard against fraud, there are also those bitcoin purists who resist them because, according to Shimon Brathwaite, Founder and CEO at ThreatTracer, the regulations would grant the government “control over citizens’ transactions that are all [currently] anonymous with no central body controlling them.”

Will Regulations Rescue or Restrict Crypto?

Discussions of governments regulating cryptocurrencies have grown more mainstream and begun to affect the market, but the goals of regulations go beyond reducing fluctuations in value. In fact, cryptocurrency regulations will have a huge impact on the digital currency space, said Mark Szyszkowski, co-founder of the Cryptocurrency Regulatory Commission Project.

One likely impact, according to Szyszkowski, is that roughly 85 percent of the more than 1,000 different cryptocurrencies currently in the marketplace will fall away overnight once the regulations are put in place.

“We will see that there will be less volatility, but we won’t see this until well into 2019” if we begin regulating now, Szyszkowski said.

Before that can happen, the U.S. Securities and Exchange Commission (SEC) needs to do its due diligence, which is why Szyszkowski encouraged the agency not to consider an exchange-traded fund for bitcoin earlier this month.

“To date, the SEC and CFTC [Commodity Futures Trading Commission] have not formally labeled Bitcoin as a commodity or a currency,” Szyszkowski wrote to the SEC. “The SEC has stated that Bitcoin is not a security, and sees it as a commodity, but the true nature is still a digital asset, a virtual currency based on code, which at this time does not have any classification in SEC, CFTC, or FINRA [Financial Industry Regulatory Authority], definitions or regulations.”

Technology enables faster transactions, which is why regulation supporters want to move quickly, but patience is key to getting it right and building out effective security.

“Governments need to require that cryptocurrencies vendors have adequate contingency plans, such as insurance and disaster recovery plans,” Brathwaite said.

Of additional concern is the need for a universal framework that will ensure the interoperability of cryptocurrency exchanges globally. That’s not to say cryptocurrency shouldn’t be regulated. Rather, correction needs to happen, but it has to happen responsibly, which leaves many people sitting and waiting on regulations before they know what they can do.

Should We Keep Cryptocurrency Securities Waiting?

When it comes to cryptocurrency, there is a lot to consider — not only from financial and consumer protection perspectives, but also from a cybersecurity standpoint.

“Any form of fraud done inside or outside of the cryptocurrency ecosystem is a key concern for citizens,” said Mate Tokay, chief operating officer (COO) of “Ensuring consumers are protected from forms of fraud such as identity theft and hacking is a crucial element of cryptocurrency’s evolution.”

For that reason, many believe that cybersecurity professionals should not wait for government regulations. According to New York attorney and cryptocurrency writer Eric Pesale, cybersecurity should be front-of-mind as governments consider how to regulate cryptocurrencies.

“Having uniform cybersecurity standards in place can make these exchanges safer for first-time investors to dip their toes in,” he said. “They can also in turn reduce the likelihood of cryptocurrency flash crashes, exchange downtimes and theft, much of which can be traced back to cybercriminal activity on these platforms.”

Waiting to see what happens with regulations before deciding how to handle cryptocurrencies, on the other hand, would not be a good move for the cybersecurity industry. As Brathwaite put it, “A delayed reaction by cybersecurity professionals waiting on regulations to be made will only make hacking easier for attackers.”

While the world waits for cryptocurrency regulations to come to fruition, the cybersecurity industry should not stand idly by. Instead, it should forge ahead and leverage technologies such as blockchain and artificial intelligence (AI) to develop cryptocurrency security strategies that are built to last.

More from Banking & Finance

Virtual credit card fraud: An old scam reinvented

3 min read - In today's rapidly evolving financial landscape, as banks continue to broaden their range of services and embrace innovative technologies, they find themselves at the forefront of a dual-edged sword. While these advancements promise greater convenience and accessibility for customers, they also inadvertently expose the financial industry to an ever-shifting spectrum of emerging fraud trends. This delicate balance between new offerings and security controls is a key part of the modern banking challenges. In this blog, we explore such an example.…

Cost of a data breach 2023: Financial industry impacts

3 min read - According to the IBM Cost of a Data Breach Report 2023, the global average cost of a data breach in 2023 was $4.45 million, 15% more than in 2020. In response, 51% of organizations plan to increase cybersecurity spending this year. For the financial industry, however, global statistics don’t tell the whole story. Finance firms lose approximately $5.9 million per data breach, 28% higher than the global average. In addition, evolving regulatory concerns play a role in how financial companies…

Gozi strikes again, targeting banks, cryptocurrency and more

3 min read - In the world of cybercrime, malware plays a prominent role. One such malware, Gozi, emerged in 2006 as Gozi CRM, also known as CRM or Papras. Initially offered as a crime-as-a-service (CaaS) platform called 76Service, Gozi quickly gained notoriety for its advanced capabilities. Over time, Gozi underwent a significant transformation and became associated with other malware strains, such as Ursnif (Snifula) and Vawtrak/Neverquest. Now, in a recent campaign, Gozi has set its sights on banks, financial services and cryptocurrency platforms,…

The rise of malicious Chrome extensions targeting Latin America

9 min read - This post was made possible through the research contributions provided by Amir Gendler and Michael  Gal. In its latest research, IBM Security Lab has observed a noticeable increase in campaigns related to malicious Chrome extensions, targeting  Latin America with a focus on financial institutions, booking sites, and instant messaging. This trend is particularly concerning considering Chrome is one of the most widely used web browsers globally, with a market share of over 80% using the Chromium engine. As such, malicious…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today