Blockchain and Nefarious Use A peek under the surface
Mariusz Nowostawski
Norwegian University of Science and Technology IDI NTNU
SwissRE - January 2017 NTNU
→ University
IDI
Introduction → Computer Science
CCIS
→ Centre for Cyber and
Information Security NTNU.no
Norwegian University of Science and Technology
● Oldest and largest campus in Norway ● 49k students ● Spread over 4 campuses ● Largest Computer Science department ● Strong research in AI, Peer-to-Peer systems ● Strong programming focus curriculum CCIS.no
Centre for Cyber and Information Security
→ Consortium of 26 academic and industrial partners
Focus on:
● Security research ● Cyber defence ● Forensics (Testimon group) ● Critical infrastructure ● Malware and Dark Web The Team
I am part of Testimon Group
Prof. Katrin Franke
Prof. Slobodan Petrovic
Assoc. Prof. Stefan Axelsson
PhD: Dmytro Pyatkovsky
MSc: multiple students About me
● Computer Scientist ● Coder ● Lecturer ● Entrepreneur
Research Interests
● P2P systems, Mobile systems, Web technologies ● Decentralized Systems ● Autonomous Systems Technology Enthusiasts
Libertarians Blockchain Speculators/Investors Commercial Companies People
Criminals → big and small DarkWeb marketplaces
Anonymous currencies
Nefarious Use Malware
Of Blockchain Technology Ransomware Other uses Darkweb Marketplaces
Market size: 300M USD/annum (2016), estimated 1B USD (2017)
● Drugs ● Fake IDs ● Counterfeit currency ● Compromised data, eg. payment cards, online account credentials ● Malware and Ransomware kits ● Weapons, real and cyber ● Explosives ● Chemical substances ● Guides for criminals/crackers/blackhat hackers Darkweb Marketplaces
It looks as of scammers are using it to collect premiums from naive users:
● Terrorists funding sites ● Murder orders, Murder for hire offers ● Terrorist attack orders
There is some evidence suggesting that those darkweb sites are mostly fake. Darkweb Marketplaces
● Need for anonymous, digital payment system Emergence of: ● Bitcoin natively is not anonymous ● ● Deanonymization industry ● Mixing services, ring signatures, and so on Note ○ Fake mixing services ○ Fake vanity address generators ● The need for anonymity and privacy strongly ○ Compromised privacy conscious correlates with Darkweb Marketplaces, but it ● Anonymous currencies and mixing services ○ is not limited to Darkweb. The same need Monero, Dash, Cloak, Nav ● New research projects, and research drives commercial companies research, and progress libertarians ○ ZeroCoin, ZCash ● Stronger need for anonymity in the blockchain from the industry too ● Privacy considerations Static content offering Child Abuse Subscriptions
[mostly not disclosed] Crowdfunding campaigns 2016 Ransomware The year of Frictionless payment system Ransomware enables innovative use cases Ransomware
Facts: RaaS
● Market size: estimated to reach 1B USD in Ransomware as a Service 2017 ● Often offered for free ● Almost all ransomware payment requests in ● Profits split between the software vendor Bitcoins (which is actually a good thing!) and the attacker ● Targets anything: ● 40% of SPAM emails are linked to ○ Laptops, TVs, smartphones, backup systems Ransomware attacks ● 70% of victims pay the fee ● 20% of victims report fees >40k USD ○ E.g. light train network in SF area In the future: ○ Hospital in Holywood ● Majority of attacks are not reported All of this can be automated and autonomous ○ Fear of lawsuits, loss of customer trust, etc Extortion
● AdultFriendFinder data leak, leads to massive number of extortion cases ○ Over 3.5 mln e-mail addresses and contact details leaked ● Scams, fake threats ● DDoS attack threats ● Kidnapping threats, and real kidnapping ● Hijacking threats, and real hijacking
Note
The picture from movies of criminals asking for a drop of bag full of unmarked cash somewhere in a public dumpster... is gone. Old-fashioned. Modern way: use cryptocash Malware
The rise of Malware
Huge growth for both, virtuous and nefarious purposes
● Best, and often the only way, to circumvent encryption and end-to-end security ● Wallet stealing trojans ● Clipboard malware (replaces real bank account, account hash, with attacker address) ● Mining botnets (for non-ASIC mining protocols) Other attack vectors
● Surge in attacks targeting crypto currencies companies and projects ● Many exchange failures: ○ Cryptsy, Shapeshift, Gatecoin, Bitfinex, Bitcurex, TheDAO ● The hype drives surge in scams, eg. high-yield investment programs ● Clever social engineering tricks for Bitcoin and virtual currency owners ○ For example after exchange failures, scams to supposedly “recover” the funds ● But… no Nigerian scammers is asking for Bitcoin donations. Wrong audience to fall victim of this type of scam. Is Ransomware a good thing? Upside What good does nefarious use do
for Blockchain technology? Upside
Ransomware is a good thing, because:
● It will surge, and subsequently, it must die out! ● It leads to stronger and improved security ● Increases the awareness, and better protections being used
Blockchain technology abuse leads to:
● Hardened systems, protocols, and improvement to the core technologies ● Harder, or impossible to circumvent ● Improved anonymity and privacy ● Provides the needed socio-technical balance Interesting recent developments
ZK-SNARKs and ZCash → huge improvement in efficiency:
● Validation: 40ms ● Tx creation: 90-160 seconds
Signature aggregation
BLS signatures
IBE, Identity Based Encryption
Secure multi-party computing Some of our projects
● Simulation and modelling of human and technical factors ● Autonomous, anonymous and decentralized institutions ● Scalability, off-chain transactions, Lightning Network attacks ● Fog of War: how to play strategy games without a trusted 3rd party Conclusions Good vs. Evil Conclusions
● Nefarious use will continue ● Systems will evolve and improve, because of it, and in spite of it ● All implications of new technical advancements need to be taken in socio-technical context
Security, Anonymity and Autonomy
● Those areas will achieve a lot of attention, and will subsequently improve ● System will become more secure, more anonymous, and more resilient ● Technical advancements will enable new types of criminal activities ● Technology also improves the criminal “business as usual” models
Some innovation in blockchain technology originates in Academia. Some in Darkweb. Thank you
Assoc. Prof. Mariusz Nowostawski Twitter: @praeteritio
NTNU, Norway Skype: nowostawski
http://ccis.no http://ntnu.no/ansatte/mariuszn Basic Copyright Notice & Disclaimer
©2017 This presentation is copyright protected. All rights reserved. You may download or print out a hard copy for your private or internal use. You are not permitted to create any modifications or derivatives of this presentation without the prior written permission of the copyright owner.
This presentation is for information purposes only and contains non-binding indications. Any opinions or views expressed are of the author and do not necessarily represent those of Swiss Re. Swiss Re makes no warranties or representations as to the accuracy, comprehensiveness, timeliness or suitability of this presentation for a particular purpose. Anyone shall at its own risk interpret and employ this presentation without relying on it in isolation. In no event will Swiss Re be liable for any loss or damages of any kind, including any direct, indirect or consequential damages, arising out of or in connection with the use of this presentation.