These days we are exposed to a dangerous thread, since the hackers find many ways to have the access to personal computers, cryptocurrency transactions processing software onto corporate networks and many other devices.
This kind of cyberattack is positioned to run a muck, it is able to take over data centers, computers and other networks and cloud environments.
We must raise the awareness of this danger and there must be a way to prevent and protect ourselves.
But since the prevention and mitigation technologies will never work well enough, the only way to protect ourselves is to make all cryptocurrency as we know it today illegal.
Blockchain – Permissioned and Permissionless
The Bitcoin and all the other altcoins are a synonim of a permissionless blockchain. Anyone can create an address from where can make interactions with the network, because there is a permissionless, public or open blockchain.
This public approach is contradictory with permissioned blockchain that in most cases are private or closed. “The permissioned Blockchain is a closed and monitored ecosystem where the access of each participant is well defined and differentiated based on role,” explains Devon Allaby, COO of Design Farm Collective. “They are created for a reason, setting up regulations for transaction which line up with the needs of an institution or its associations.
Permissioned blockchains may have struggles with the scalability and may be priced very much, but they don’t have the basic weakness that the permissionless blockchains that mark cryptocurrencies do.
The main and the most important trouble with the permissionless, open block chains is that anyone can sign up as a miner and in other words that means that criminals can do it too and there is nothing to stop them.
That does not mean that all the mining enterprises are criminal, because there are a lot of people that are miners of business, but still, criminal pursuits exist and they can purchase the mining.
Illicit crypto mining is one of the most iniquitous criminal motivations, above money laundering, tax evasion, funding terrorism or else.
Sneak into our computers and networks are very easy. You only need to visit a malevolent web page or download only one fake application and the hacker has the access.
Infiltration is a notable basic move to most cyber attacks, that follow the Cyber Kill Chain -infiltrating, installing malware, moving laterally to a valuable target, establishing a command and control (C&C) link back to the hacker, and then exfiltrating the data or funds that are the target of the attack.
When hackers want to steal some of the data, or as they wish to say – exfiltrate data, they follow this sample. Because of that, cyber currency vendors are trying to detect them and throw into disorder the steps in the Kill Chain.
On the other hand, cryptomining breaks this mold. In fact, the software is not malware and many users do it purposely and there is no need of finding a target because any PC with processor cycles to spare will do.
The mining activity could be crashed in by the threat actors as long as a PC has an Internet access and there is no exfiltration.
The facts that is the most dangerous is that illicit cryptomining can run undetected indefinitely. In the end, what is stolen are excess processor cycles and electricity, nothing else. That is why illicit cryptomining is ranked low on the list of priorities.
Regulatory agencies all around the world suggest that it is needed to “know your customer” – KYC, to conflict money laundering, which theoretically means that it will be much harder and complicated for criminals to launder the gains, if all of the entrants in a transaction have adequate details about the faction they are doing business with.
It is a fact that anybody can be a cryptocurrency miner, so the only logical thing for the same regulatory bodies to do is to institute a KYM policy.
If someone wants to manage a transaction with Bitcoin or else, he surely would like to know that the miner processing his transaction is not a criminal enterprise that has the possibility of using its share of the transaction amount to support for example terrorists or other crimes.
There are some ethical “rules” that everyone who participate in the cryptocurrency economy must stick to – the same as there are some regulatory “rules” of instituting global KYM policies. If the participants do not stick to those rules, they risk to allow an activity that is not legal despite of the fact about being criminals themselves.
Everything would be fine, but there is a little problem about the KYM, and the problem is that KYM is not able to work for a permisionless blockchain.
When someone fulfills a Bitcoin transaction, who in fact is fulfilling the transaction? Surely it is not the exchange or the merchant, it’s every miner of the blockchain.
It is true that when a transaction is made, only one miner gets the reward, but every miner carries out the transaction on its copy of the blockchain and these are some of the basics about how the blockchain work. This leads us to conclusion: if there is even one criminal in all of the minors, then that means that every minor gives support to a criminal enterprise with every conducted transaction.
Solving the problem
Companies and organizations are trying to solve this problem with the illicit cryptomining, but it is very difficult and kind of hopeless. One of the reasons is that mounting such attack is the easiest thing and to fight this kind of threads is not a priority for the future.
So the solution would be KYM which is only able to work on blockchain that are permissioned.
Also, another solution maybe a cryptocurrency-based method like Ripple that some people think of it as a‘semi-permission-ed’.
It is believed that the world of cryptocurrency will have two choices, because while permissionless based coins have value, illicit miners will approve those over Ripple and its brethren anyway. So the first choice would be to switch from permissionless to permissioned (or perhaps semi-permissioned) or completely shut down.
Surely, numerous of the characteristics that thrill the world of cryptocurrency rely on permission. In the absence of it, we only have a secure distributed database technology – which can be very useful for business purposes, but it doesn’t support the elation around cryptocurrencies today – taking in the hum around ICOs (initial coin offerings).