Regulators in the United States are investigating crypto-related issues, including financial regulation, economic innovation, and national security.
Regulators’ concerns about the absence of investor safeguards in the cryptocurrency market, which has grown to more than $2 trillion in value, and the potential threats to financial stability have recently dominated news headlines.
Several high-profile incidents of cryptocurrency being used in ransomware attacks, intellectual property espionage, sanctions violations, bribery of government officials, and tax fraud are being investigated by national security agencies across President Joe Biden’s administration.
According to a recent report from the Financial Crimes Enforcement Network, ransomware-related suspicious activity reports filed during the first half of 2021 were up 30% from the same period in 2020, indicating that ransomware is becoming a more serious threat to the financial sector, businesses, and the general public in the United States.
The Biden administration is considering issuing an executive order directing federal agencies to research and provide suggestions on topics pertaining to national security, economic innovation, and financial regulation in the crypto business. The project would also try to organize the executive branch’s work on digital currencies, with the first-ever White House crypto czar serving as a point person.
The “Pandora Papers” by the International Consortium of Investigative Journalists
The “Pandora Papers” were published by the International Consortium of Investigative Journalists, which leaked nearly 12 million documents from law firms and other organizations around the world, revealing the previously unknown owners of 29,000 offshore companies hiding up to $32 trillion in assets from taxation and regulatory oversight in tax havens.
Celebrities, political leaders, and criminal underworld figures from over 200 countries are among the firms’ owners. Several government officials have already been investigated for corruption and tax evasion as a result of the leak.
Meanwhile, World Economic Forum research outlines how blockchain technology might help countries combat corruption.
The Office of Foreign Assets Control (OFAC) of the United States Treasury Department
Suex, an over-the-counter digital currency broker, was recently targeted by the Office of Foreign Assets Control (OFAC) in a first-of-its-kind prosecution for its alleged participation in laundering the profits of ransomware attacks. The operation was part of a larger government-wide campaign to combat ransomware and disrupt criminal networks and crypto exchanges that aid in the laundering of ransoms. The purpose is to strengthen cybersecurity in the commercial sector and to boost incident and ransomware payment reporting to US government authorities.
Because digital currency is the primary way of conducting ransomware payments and related money laundering operations, this covers both the Treasury Department and law enforcement under the Anti-Money Laundering/Countering the Financing of Terrorism (AML/CFT) framework.
OFAC issued an “Updated Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments” in response to this case. The amended advisory underscores that paying cyber ransoms or extortion demands is still strongly discouraged by the US government, but it acknowledges the importance of improving cybersecurity measures to avoid or minimize such attacks.
In the event of a ransomware attack, the OFAC updated the advisory to emphasize the importance of reporting to and cooperating with the appropriate government and law enforcement agencies in order to better understand and counter ransomware attacks and malicious cyber actors, as well as for attack victims to receive voluntary self-disclosure credit if a sanctions nexus is later determined. Visit the government’s Stop Ransomware website for additional information.
Given the global financial risks of ransomware and money laundering posed by digital assets, participants at the G7 meeting in June agreed to work together to effectively and expeditiously address this escalating risk by implementing and enforcing the Financial Action Task Force’s anti-money laundering standards on digital assets and virtual asset service providers.
Cryptocurrency and intellectual property espionage
Cryptocurrency has also been linked to intellectual property espionage in other recent incidents and investigations. Ethereum developer Virgil Griffith, who gave a cryptocurrency and blockchain presentation at a North Korean conference in 2019, pleaded guilty to conspiring to violate the International Emergency Economic Powers Act, which prohibits U.S. citizens from exporting technology and intellectual property to communist countries. Griffith could face up to 6 1/2 years in jail as part of the plea agreement when he is sentenced in January 2022.
According to the Justice Department, Jonathan Toebbe, a U.S. Navy nuclear engineer with a top-secret security clearance who specialized in naval nuclear propulsion — and had access to military secrets — was charged in October with attempting to pass information about the design of American nuclear-powered submarines to someone he thought was a representative of a foreign government in exchange for cryptocurrency in violation of the Atomic Energy Act.
“Operation GhostShell: Novel RAT Targets Global Aerospace and Telecoms Firms,” new research from Cybereason, a supplier of campaign-centric cyberattack defense, unmasks a highly concentrated cyberespionage operation targeting global aerospace and telecoms firms.
The research, which comes after the firm’s “DeadRinger” report was published in August, reveals a newly identified Iranian actor, called MalKamak, who was behind the assaults and has been active since at least 2018. MalKamak has been employing “ShellClient,” a previously unknown, very sophisticated remote access Trojan that evades antivirus and other security solutions and leverages Dropbox as a command and control center.
Since at least 2019, a cyberespionage gang known as FamousSparrow has targeted hotels, foreign governments, international organizations, engineering businesses, and legal firms, according to data provided by Slovak security vendor ESET. The organization attacked its targets, which included the United States, by exploiting a known Microsoft Exchange vulnerability — which was also used by suspected Chinese hackers and scammers looking to mine cryptocurrencies.
ESET found parallels between FamousSparrow’s tactics and those of SparklingGoblin, a spinoff of Winnti Group, which is tied to China, and DRBControl, although it did not link FamousSparrow to a specific country.
In July, the US government accused China of exploiting the Microsoft Exchange Server attacks and — for the first time — of using criminal hackers to carry them out, releasing a report warning of China’s ongoing targeting of the defense, semiconductor, medical, and other industries in order to steal intellectual property.