Upload
others
View
0
Download
0
Embed Size (px)
Citation preview
Blockchain and Nefarious UseA peek under the surface
Mariusz Nowostawski
Norwegian University of Science and TechnologyIDI NTNU
SwissRE - January 2017
Introduction
NTNU
→ University
IDI
→ Computer Science
CCIS
→ Centre for Cyber and
Information Security
NTNU.no Norwegian University of Science and Technology
● Oldest and largest campus in Norway● 49k students● Spread over 4 campuses● Largest Computer Science department● Strong research in AI, Peer-to-Peer systems● Strong programming focus curriculum
CCIS.no
Centre for Cyber and Information Security
→ Consortium of 26 academic and industrial partners
Focus on:
● Security research● Cyber defence● Forensics (Testimon group)● Critical infrastructure● Malware and Dark Web
The Team
I am part of Testimon Group
Prof. Katrin Franke
Prof. Slobodan Petrovic
Assoc. Prof. Stefan Axelsson
PhD: Dmytro Pyatkovsky
MSc: multiple students
About me
● Computer Scientist● Coder● Lecturer● Entrepreneur
Research Interests
● P2P systems, Mobile systems, Web technologies● Decentralized Systems● Autonomous Systems
BlockchainPeople
Technology Enthusiasts
Libertarians
Speculators/Investors
Commercial Companies
Criminals → big and small
Nefarious UseOf Blockchain Technology
DarkWeb marketplaces
Anonymous currencies
Malware
Ransomware
Other uses
Darkweb Marketplaces
Market size: 300M USD/annum (2016), estimated 1B USD (2017)
● Drugs● Fake IDs● Counterfeit currency● Compromised data, eg. payment cards, online account credentials● Malware and Ransomware kits● Weapons, real and cyber● Explosives● Chemical substances● Guides for criminals/crackers/blackhat hackers
Darkweb Marketplaces
It looks as of scammers are using it to collect premiums from naive users:
● Terrorists funding sites● Murder orders, Murder for hire offers● Terrorist attack orders
There is some evidence suggesting that those darkweb sites are mostly fake.
Darkweb Marketplaces● Need for anonymous, digital payment system● Bitcoin natively is not anonymous●
Note
● The need for anonymity and privacy strongly correlates with Darkweb Marketplaces, but it is not limited to Darkweb. The same need drives commercial companies research, and libertarians
Emergence of:
● Deanonymization industry● Mixing services, ring signatures, and so on
○ Fake mixing services○ Fake vanity address generators○ Compromised privacy conscious
● Anonymous currencies and mixing services○ Monero, Dash, Cloak, Nav
● New research projects, and research progress○ ZeroCoin, ZCash
● Stronger need for anonymity in the blockchain from the industry too
● Privacy considerations
Child Abuse[mostly not disclosed]
Static content offering
Subscriptions
Crowdfunding campaigns
RansomwareFrictionless payment system enables innovative use cases
2016
The year of Ransomware
RansomwareFacts:
● Market size: estimated to reach 1B USD in 2017
● Almost all ransomware payment requests in Bitcoins (which is actually a good thing!)
● 40% of SPAM emails are linked to Ransomware attacks
● 70% of victims pay the fee● 20% of victims report fees >40k USD
○ E.g. light train network in SF area○ Hospital in Holywood
● Majority of attacks are not reported○ Fear of lawsuits, loss of customer trust, etc
RaaS
Ransomware as a Service
● Often offered for free● Profits split between the software vendor
and the attacker● Targets anything:
○ Laptops, TVs, smartphones, backup systems
In the future:
All of this can be automated and autonomous
Extortion
● AdultFriendFinder data leak, leads to massive number of extortion cases○ Over 3.5 mln e-mail addresses and contact details leaked
● Scams, fake threats● DDoS attack threats● Kidnapping threats, and real kidnapping● Hijacking threats, and real hijacking
Note
The picture from movies of criminals asking for a drop of bag full of unmarked cash somewhere in a public dumpster... is gone. Old-fashioned. Modern way: use cryptocash
Malware
The rise of Malware
Huge growth for both, virtuous and nefarious purposes
● Best, and often the only way, to circumvent encryption and end-to-end security● Wallet stealing trojans ● Clipboard malware (replaces real bank account, account hash, with attacker
address)● Mining botnets (for non-ASIC mining protocols)
Other attack vectors
● Surge in attacks targeting crypto currencies companies and projects● Many exchange failures:
○ Cryptsy, Shapeshift, Gatecoin, Bitfinex, Bitcurex, TheDAO
● The hype drives surge in scams, eg. high-yield investment programs● Clever social engineering tricks for Bitcoin and virtual currency owners
○ For example after exchange failures, scams to supposedly “recover” the funds
● But… no Nigerian scammers is asking for Bitcoin donations. Wrong audience to fall victim of this type of scam.
Upside
Is Ransomware a good thing?
What good does nefarious use do
for Blockchain technology?
Upside
Ransomware is a good thing, because:
● It will surge, and subsequently, it must die out!● It leads to stronger and improved security● Increases the awareness, and better protections being used
Blockchain technology abuse leads to:
● Hardened systems, protocols, and improvement to the core technologies● Harder, or impossible to circumvent● Improved anonymity and privacy● Provides the needed socio-technical balance
Interesting recent developments
ZK-SNARKs and ZCash → huge improvement in efficiency:
● Validation: 40ms● Tx creation: 90-160 seconds
Signature aggregation
BLS signatures
IBE, Identity Based Encryption
Secure multi-party computing
Some of our projects
● Simulation and modelling of human and technical factors● Autonomous, anonymous and decentralized institutions● Scalability, off-chain transactions, Lightning Network attacks● Fog of War: how to play strategy games without a trusted 3rd party
Conclusions Good vs. Evil
Conclusions
● Nefarious use will continue● Systems will evolve and improve, because of it, and in spite of it● All implications of new technical advancements need to be taken in
socio-technical context
Security, Anonymity and Autonomy
● Those areas will achieve a lot of attention, and will subsequently improve● System will become more secure, more anonymous, and more resilient● Technical advancements will enable new types of criminal activities● Technology also improves the criminal “business as usual” models
Some innovation in blockchain technology originates in Academia. Some in Darkweb.
Thank youAssoc. Prof. Mariusz Nowostawski
NTNU, Norway
http://ccis.no
Twitter: @praeteritio
Skype: nowostawski
http://ntnu.no/ansatte/mariuszn
Basic Copyright Notice & Disclaimer
©2017 This presentation is copyright protected. All rights reserved. You may download or print out a hard copy for your private or internal use. You are not permitted to create any modifications or derivatives of this presentation without the prior written permission of the copyright owner.
This presentation is for information purposes only and contains non-binding indications. Any opinions or views expressed are of the author and do not necessarily represent those of Swiss Re. Swiss Re makes no warranties or representations as to the accuracy, comprehensiveness, timeliness or suitability of this presentation for a particular purpose. Anyone shall at its own risk interpret and employ this presentation without relying on it in isolation. In no event will Swiss Re be liable for any loss or damages of any kind, including any direct, indirect or consequential damages, arising out of or in connection with the use of this presentation.