AT&T, one of the largest telecommunications companies in the world, has reportedly had its email accounts breached by cybercriminals. The criminals have purportedly accessed personal accounts that use att.net, sbcglobal.net, and bellsouth.net addresses, and then used their API access to get into targeted victims’ crypto exchange accounts. According to a TechCrunch report, the cybercriminals may have stolen between $15 million and $20 million worth of cryptocurrency assets in this way, although AT&T has denied that its internal systems were compromised.
Attackers used API access from AT&T email accounts to create mail keys for any user, enabling them to log in and reset passwords, including those for crypto exchange apps. Two victims reportedly confirmed the theft, and a whistleblower is said to have shared a list of the hackers’ alleged victims. AT&T acknowledged the “unauthorized creation of secure mail keys,” and a spokesperson stated that the company had updated its security controls and locked some email accounts, forcing the owners to reset their passwords.
This breach highlights once again the vulnerability of cryptocurrency holders to cyberattacks, which can result in significant losses, increased regulatory scrutiny and reputational damage for both individuals and organizations.
With the burgeoning popularity of cryptocurrencies, cybercriminals are on the lookout for vulnerabilities in personal and business networks to gain access to digital wallets and exchanges in order to steal valuable assets. The rise of so-called cryptojacking and ransomware attacks over the past few years reflects the scramble by cybercriminals to monetize their expertise.
The Crypto Security Landscape
The already complex crypto landscape is made more complicated by the variety of cryptocurrencies in circulation and the different exchanges that store them. Crypto investors may hold their assets on exchanges for convenience, or because they are invested in specific tokens or coins. When an exchange is hacked, as in the well-known $530 million Coincheck hack in January 2018, the investors’ holdings are put at risk, with little hope of recovery. Exchanges and wallet providers therefore need to boost their cybersecurity measures to protect their users’ assets.
The lack of proper regulatory measures and governance further magnifies the damage caused by cyberattacks. Regulators have so far been slow in crafting rules to help guide the crypto market and offer protection to investors. The relative anonymity and decentralised nature of cryptocurrencies make them prime targets for hackers. There is a growing recognition within the industry that self-regulation is not enough to safeguard investors against fraud and theft.
Industry players must take a more proactive approach, working with regulators to craft legislation that helps to foster investor confidence in cryptocurrencies. The Blockchain Association in the US is an example of a lobby group pushing for adequate regulation to ensure better security measures. In Asia, countries like Singapore and Japan have strict cryptocurrency regulatory frameworks in place that mandate exchanges to comply with strict Anti-Money Laundering (AML) and Know-Your-Customer (KYC) measures.
Cybersecurity Best Practices
However, regulation is only one piece of the puzzle. Users must protect themselves by adhering to best practices for cybersecurity, which need to be continually updated as threats evolve. This includes creating strong passwords, enabling two-factor authentication, installing virus protection and avoiding suspicious email or social media messages.
Another measure that can be taken is the use of hardware wallets. These provide a cold storage option, ensuring that private keys are kept offline and are therefore not available for hackers to target. Hardware wallets are typically small USB devices that are trusted because they are considered unhackable, and they connect to your computer only when you need to transfer your assets. There are several options available, including Trezor and Ledger Nano. However, hardware wallets are not foolproof, and users still need to keep their own cybersecurity in mind when using them.
In the long term, the cryptocurrency industry must continue to evolve its own security frameworks that recognize and proactively address cybersecurity threats. As cryptocurrencies move further into the mainstream, the industry will attract more cyberattacks, which means there will be a need for greater collaboration and cooperation between the industry, regulators and users to minimize the risk of loss of assets. And while the industry itself must evolve, each individual user is responsible for their own cyber hygiene to ensure their assets remain secure.