As war in Ukraine rages and the Putin regime continues to drive toward population centers in the former Soviet state, U.S. cybersecurity officials remain on high alert - questioning whether the Russians will elevate the cyberwar against their Western neighbor or even NATO networks.
What are the ethics of paying ransom to cybercriminals who might be working as a proxy cyber force in support of Russia's invasion of Ukraine? Realistically, whether or not to pay often comes down to a business decision. But Russia's invasion further complicates the optics for ransomware victims.
Ari Redbord of TRM Labs joins editors at ISMG to discuss President Biden's executive order on digital assets, the role of cryptocurrency in the Ukraine-Russia war and nuances for ransomware victims who consider paying a ransom, and trends in regulatory guidance and leadership for digital currency.
U.S. President Joe Biden this week issued a cryptocurrency executive order that addresses consumer protection, national security and financial stability. Ari Redbord, former senior adviser at the U.S. Treasury, calls this order "a clarion call" for crypto regulation and shares his initial reaction.
The ISMG Security Report features an analysis of the U.S. government's request for billions of dollars in tech aid to curb the global impact of the Kremlin's campaign in Ukraine. It also examines Biden's cryptocurrency executive order and why breached organizations often don't share full details.
As expected, President Joe Biden on Wednesday signed an executive order on cryptocurrency that tackles consumer protection, financial stability, national security and climate risks. The administration calls it the first whole-of-government strategy to rein in cryptocurrencies.
President Joe Biden is expected to outline a whole-of-government approach to reining in cryptocurrencies, which have been criticized for lax cybersecurity measures. Media reports say the administration will announce an executive order on crypto this week, to align the U.S. with global allies.
U.S. officials say that while it would be nearly impossible for Russia to "flip the switch" and convert to cryptocurrency to stabilize its sanctioned economy, they caution that Russian elites and entities may yet try to skirt the measures by transferring and obfuscating funds across the blockchain.
Key financial members of the U.S. Senate on Wednesday sent a letter to Treasury Secretary Janet Yellen regarding potential sanctions evasions and the department's ability to police crypto assets, as adversarial countries have previously leveraged them to fund weapons programs and for cash infusion.
Security experts, legislators and researchers are worried about fraud and money laundering related to cryptocurrency platforms during the Russia-Ukraine crisis. Researchers are already observing a spike in phishing attacks and other threat vectors targeting digital wallets.
In the latest "Proof of Concept," Grant Schneider, senior director of cybersecurity services at the law firm Venable, and Ari Redbord, head of legal and government affairs at TRM Labs, join editors at Information Security Media Group to discuss trending cybersecurity issues.
Cryptocurrency exchange Coinbase briefly halted its services Feb. 11 after a security researcher uncovered a critical vulnerability affecting its Retail Advanced Trading platform, allowing malicious users to sell BTC without owning any. The researcher who found the flaw got a $250,000 bug bounty.
The use of digital currency as legal tender continues to be prohibited in Russia, according to the Russian Ministry of Finance's draft of digital currency law, even as Russia imposes heavy regulations on crypto exchanges. Also, the Bank of Russia is testing the platform for the country's CBDC.
The latest edition of the ISMG Security Report features an analysis of takedowns of multiple Russian-language cybercrime markets and communities by Russian authorities. It also describes the role of cryptocurrencies in the banking sector and how the identity market will evolve in 2022.
Unknown hackers have stolen about $1.9 million from South Korean cryptocurrency platform KLAYswap using a Border Gateway Protocol hack in the server infrastructure of one of its suppliers even though service implementers have known about BGP hijack attacks for decades and mitigations for them exist.