Cybersecurity Blog

Cybersecurity researchers from across Georgia Tech and the Georgia Tech Research Institute share their thoughts about emerging threats, trends, and technologies in the constant fight to secure data and information systems. Read what's capturing their attention and new insights they offer about cybersecurity topics in the news.

Blog entires are aggregated monthly into the Source Port newsletter, with additional research and updates from Georgia Tech. Source Port is published on the first business day of the month.


Cyber-Criminals Getting Leary of Bitcoin, Adopting Monero

January 10, 2018  |  By Stone Tillotson

Cyber-criminals are starting to switch from bitcoin (the “coin of the realm”) to alternative e-coins like Monero more and more every day. As awareness and buy-in grow, bitcoin transactions increasingly have drawn the focus of criminal investigators and regulatory bodies. Bitcoin’s lack of privacy features and its distributed ledger mean the buyer, seller, and amount of each transaction is essentially public information, waiting only to be linked to a real name and address. A one-time breach in a bitcoin wallet holder’s anonymity is effectively equivalent to publishing one’s real world banking records for all time. Monero incorporates privacy features by design, so tracing transactions through its distributed ledger is much more difficult. Monero achieves this by encrypting the essential elements of a transaction — buyer, seller, and wallet — leaving little to demonstrate even the existence of a transfer of funds between identifiable parties. The cyber-criminal crowd has taken note and this has led to more ransomware demanding payments in monero — a trend that likely will accelerate with time.

 

IISP Analyst Stone Tillotson: "Monero boasts another claim to its growing adoption, aside from privacy: it doesn’t look like it’s riding on a massive, scary bubble. Bitcoin’s stratospheric rise and huge swings in price make it an unattractive choice for transactions of all kinds, including cyber-crime. Cyber-criminals, after all, are in business and they love steady paydays as much as anyone. It’s simply bad for business when sudden swings in bitcoin value make your illicit wares unaffordable or your ransomware demands unpayable. And, that doesn’t even speak to the threat of having your gains destroyed when the bubble bursts. So, while Monero’s technical improvements certainly qualify it as a possible (maybe even desirable) successor to bitcoin, Monero’s growing adoption likely owes as much to being a crypto-bubble straggler as anything else. Since Monero’s value hasn’t yet gone sky high, this provides some reassurance that it’s closer to its real floor exchange rate, which limits possible losses. It’s lower value also provides plenty of running room to see it appreciate against non-cyber currencies while the crypto-bubble lasts. None of this is meant to discount the impressive technical achievements of bitcoin, nor any of the other new crypto-currencies in their rise, but rather to highlight how economic considerations are driving the trends. Crypto-currencies may be cool, but ultimately it’s the utility and usefulness that have the final say in value."

 

 

More...


NIST to Demonstrate Automation of IoT Security
Jan. 5, 2018

Looking into 2018: the Biggest Unresolved Cybersecurity Matters Ahead
Dec. 20, 2017

The Best Cybersecurity Stories of 2017
Dec. 20, 2017

Cryptocurrencies: Why Bubble Machines Crash the Party
Nov. 30, 2017

User Whereabouts on Trial
Nov. 27, 2017

De-Neutralizing the Net
Nov. 22, 2017

Intel-based PCs May be Widely Vulnerable to an Attack Over USB
Nov. 20, 2017

EU Unites Against Cyberattacks
Oct. 30, 2017

Got SIDR?
Oct. 30, 2017

Encryption Only as Strong as Its Implementation
Oct. 26, 2017

 


 

About the Analysts

 

Holly Dragoo is a research associate with the Cybersecurity, Information Protection, and Hardware Evaluation Research (CIPHER) Laboratory at the Georgia Tech Research Institute. Her previous work with the U.S. Department of Defense and Federal Bureau of Investigation give her a unique understanding of intelligence community requirements. Dragoo’s research interests include cybersecurity policy issues, threat attribution, metadata analysis, and adversarial network reconstruction. More By Holly

 

 

Brenden Kuerbis, Ph.D., is a postdoctoral researcher at Georgia Tech’s School of Public Policy and a former Fellow in Internet Security Governance at the Citizen Lab, Munk School of Global Affairs, University of Toronto. His research focuses on the governance of Internet identifiers (e.g., domain names, IP addresses) and the intersection of nation-state cybersecurity concerns with forms of Internet governance. More by Brenden

 

 

 

Joel Odom leads a team of researchers focused on software security as branch head for the Cybersecurity, Information Protection, and Hardware Evaluation Research (CIPHER) Laboratory at the Georgia Tech Research Institute. He and his team research static and dynamic software analysis, software testing techniques, software reverse engineering, and software vulnerability discovery and mitigation. More by Joel

 

 

 

Chris M. Roberts is a senior research engineer with the Cybersecurity, Information Protection, and Hardware Evaluation Research (CIPHER) Laboratory at the Georgia Tech Research Institute specializing in embedded firmware reverse engineering and hardware analysis.  Mr. Roberts’ technical expertise has expanded to cover radio frequency system design, electronic and cyber warfare, hardware and firmware reverse engineering, vulnerability assessments of embedded systems and assessment of vulnerability to wireless cyberattacks. More by Chris

 

 

Stone Tillotson is a research scientist with the Cybersecurity, Information Protection, and Hardware Evaluation Research (CIPHER) Laboratory at the Georgia Tech Research Institute, where he develops applications for security involving attack/defense simulations, social media affinity mapping, and transitioning teams to Agile development. His focus includes design and development of front-end, back-end, and the data layer with considerations for architecture, design patterns, and user experience. More by Stone