Identity & Access Management (IAM) helps prevent cryptocurrency cybercrime, which is at an all-time high
November 2022 by Ralph Chammah, CEO of OwlGaze
According to Comparitech’s cryptocurrency heists tracker, hackers have stolen £7.1 billion in cryptocurrency since 2011, which is about £40.6 billion today
Recent research by Rekt reports that cybercriminals have stolen £2.6 billion through 141 different cryptocurrency exploits since January this year, putting 2022 on track to surpass 2021 in terms of digital currency malfeasance.
Although cryptocurrency thefts have increased in dollar amounts, scams, hacks, and exploits of cryptocurrency, Web3 (decentralised web technology that incorporates tokens and blockchain technologies), and blockchain-related organisations have become bolder and more lucrative for malicious hackers as the value of cryptocurrencies remains stagnant.
According to Ralph Chammah, Chief Executive Officer of OwlGaze, most digital asset storage wallet hacks were carried out after the adversary gained access to valid user accounts and consequently evaded security defenses.
“Such attacks could only be detected at a post-compromise phase after the assets have been stolen from user wallets. To detect suspicious behavior earlier in the attack chain, organisations need to proactively monitor user account activity. Defining and developing an end-to-end IAM strategy based on the principle of least privilege is fundamental intertwined with a continuous monitoring from on-boarding to off-boarding employee to privileged admin users, identity governance and administration (IGA) is a foundational security control.”
According to Miro Pihkanen, Chief Security Officer at OwlGaze: “When the digital footprint differs significantly, such as locations, browsers, patterns, and paths, Blacklight will use behavior and reputation mechanisms to challenge the identity. In the case that employees access your website from locations where your organization does not have offices, you might need to implement additional security controls or even establish access workflows. With software such as Blacklight, your business is always one step ahead. As a command center for any organisation, the cloud-native, AI-powered detection software serves as a predictive tool with a lot of intelligence built in”.
Chammah concluded: “Blockchain will play a key role in IAM for validating and verifying the integrity of systems. Cryptocurrencies are the most common use for blockchain today; however, blockchain has been used to verify the integrity of data and chain of custody for many years. Digital identities will be continuously non-repudiated through blockchain technology. By doing so, historical events can be prevented from being modified or changed. Digital identities are coming fast and a variety of different implementations are already taking place around the world. To create digital success, Privileged Access Management (PAM), IAM and Customer Identity and Access Management (CIAM) are essential.”