Cryptocurrencies and deep-fake technology are sending chills throughout the US government, with cyber crooks embracing digital innovations so rapidly that law enforcement can barely keep up, according to the Federal Bureau of Investigation.
"Crypto is the primary currency, the primary vehicle, to facilitate extortion payments. It’s the only game in town,” Bryan Vorndran, assistant director of the FBI’s Cyber Division, said in a Bloomberg virtual panel discussion on cybersecurity Tuesday. "We all know the blockchain offers us some opportunities, but the ability to pay crypto, script it immediately into a tumbler, whether through an extortion payment or theft, is a huge, huge challenge for us.”
Criminals love Bitcoin in particular because it’s effectively unhackable and, unlike cash, can be transferred in large amounts almost instantly without ever touching the banking system. For those reasons, the virtual token is almost always the form of payment demanded in ransomware attacks, such as those using malware to paralyse computer networks.
Last May, a Russia-linked group later identified as DarkSide crippled Colonial Pipeline Co until the company paid almost US$5mil (RM20mil) in cryptocurrency. The following month, US officials said they recovered 63.7 of the 75 Bitcoin involved.
Meatpacker JBS SA and even the Washington police department are among the other organisations victimised by ransomware groups.
The FBI discourages companies from submitting to extortion because, it argues, the funds serve only to embolden bad actors and augment their capabilities.
Recently, the bureau has developed evidence suggesting that criminal gangs in Russia and Eurasia have set up call centres to professionalise their ransomware businesses, and are sharing data gathered from victims, Vorndran said.
A growing area of concern for officials is so-called synthetic content, colloquially known as "deep fakes.” Advances in computing technology have leapfrogged from lab settings into the real world, allowing criminals to deceive, misinform and defraud by impersonating others. Vorndran said such technology and it’s potential to erode democracy is one of the things that keeps him up at night.
"When you look at biometric authentication, facial recognition, digital footprints, mimicking voices, these things are huge, huge challenges to law enforcement, to the intelligence community in the next 5-10 years,” he said. "The synthetic content piece is something that is a fascinating discussion but also a very, very scary discussion.”
One persistent problem for the US government is the lack of reporting by companies and other organisations when cyberattacks happen. The reasons for that hesitancy range from ignorance to mistrust of the government’s motives.
Vorndran said the government estimates it has data on only 20% to 25% of domestic cyber breaches, a data set too small to be very useful, especially when trying to anticipate what adversaries will do next. Joining him in urging more cooperation from the private sector is Eric Goldstein, the executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency, or CISA.
"The best thing we can do as the US government to help resolve hesitation is by showing value, is by showing organisations that by engaging with CISA, engaging with the FBI, they will get information, expertise, support, the ability to collaborate seamlessly across sectors, that can help them to protect their enterprise and help them to protect their customers,” said Goldstein, who also participated in the Bloomberg panel. – Bloomberg