£900m worth of crypto stolen since 2017, GDPR could hinder research

News by Robert Abel

Cyber-criminals managed to steal US$ 1.2 billion (£900 million) in cryptocurrency in reported and unreported theft since 2017, as some researchers fear new data privacy laws may negatively impact cyber-crime studies.

Cyber-criminals managed to steal £900 million in cryptocurrency in reported and unreported theft since 2017 as some researchers fear new data privacy laws may negatively impact cyber-crime studies, according to the Anti-Phishing Working Group (APWG).

Since then the emergence of more than 1,500 digital tokens have put the spotlight on the unregulated sector of digital currencies, according to Reuters.

Of that £900 million, APWG Chairman Dave Jevans said he estimates only about 20 percent or less has been recovered as law enforcement agencies across the globe have their hands full tracking down these crimes. 

“One problem that we're seeing in addition to the criminal activity like drug trafficking and money laundering using cryptocurrencies is the theft of these tokens by bad guys,” Jevans said. 

Ilia Kolochenko, CEO of web security company High-Tech Bridge told SC Media US that unregulated cryptocurrencies are an emerging Klondike for cyber-criminals. 

“A well-prepared attack is uninvestigable, risk of persecution borders zero, while the stolen coins can be easily laundered and used for the niceties of life,” Kolochenko said. “We will likely see a continuous growth of attacks against cryptocurrency owners and processors (eg exchanges) by various means from trivial phishing to sophisticated APT attacks against the largest trading platforms.” 

Kolochenko went on the say that users should never entrust their cryptocurrency wallets to third parties and should, remain vigilante for any incoming messages, emails or hyperlinks, have an updated AV, and ensure all of their devices stay updated.

While users should always do their part in securing their data, some researchers fear new legislation may hurt their ability to study cyber-crime. Jevans said that his organisation's investigations of criminal activity will likely be negatively affected by the European Union's new General Data Protection Regulation (GDPR) going into effect today.  

“GDPR will negatively impact the overall security of the internet and will also inadvertently aid cyber-criminals,” said Jevans. “By restricting access to critical information, the new law will significantly hinder investigations into cyber-crime, cryptocurrency theft, phishing, ransomware, malware, fraud, and cryptojacking,” he added.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events