Babies & Bathwater: WSJ OpEd Suggests Banning Cryptocurrency Entirely To Stop Ransomware

from the good-luck-with-that dept

The hack of the Colonial Pipeline has already made lots of news, and with that, the government is rushing to come up with new regulations, which will almost certainly be overkill. While the transparency aspect of the expected rules (requiring reporting of "cyber incidents" to the federal government) was more or less expected to come at some point no matter what, the other rules are likely to be fighting the last battle. There are constant changes to these kinds of attacks, and seeking just to prevent them is a fool's errand.

However, we're now seeing some truly silly suggestions. Lee Reiners, who runs Duke Law School's Global Financial Markets Center, has published an op-ed in the WSJ that truly is an astounding example of throwing out all the babies with the bathwater. Reiners says the way to stop these attacks is to just ban all cryptocurrency. This is silly on many levels -- mostly because (1) that's impossible, (2) it wouldn't work, and (3) it would destroy a ton of important and valuable projects. Frankly this op-ed does not speak well to the Global Financial Markets Center and its understanding of anything. Here's the core of the argument:

Ransomware can’t succeed without cryptocurrency. The pseudonymity that crypto provides has made it the exclusive method of payment for hackers. It makes their job relatively safe and easy. There is even a new business model in which developers sell or lease ransomware, empowering malicious actors who aren’t tech-savvy themselves to receive payment quickly and securely. Before cryptocurrency, attackers had to set up shell companies to receive credit-card payments or request ransom payment in prepaid cash cards, leaving a trail in either case. It is no coincidence that ransomware attacks exploded with the emergence of cryptocurrency.

There is no doubt that cryptocurrency does aid the ability to pass around money without being traced -- and that certainly can (and does) help some criminal enterprises. But, the idea that it makes their job "safe and easy" is simply not true. We've seen plenty of criminal operations that relied on cryptocurrency run into issues, including being taken down by law enforcement. This is for a variety of reasons -- including that in the process of converting cryptocurrency into other forms of money, you often end up introducing friction that may require some identification. Similarly, there are a lot of steps involved in transferring around even large sums of cryptocurrency that can leave trails. Are there ways to hide yourself? Absolutely, but it's not as "easy" as the article makes it out to be.

And the claim that the rise of ransomware is because of cryptocurrency seems like a "correlation does not mean causation" kind of situation. There are many reasons why ransomware may have increased over the past few years -- including improvements in a variety of hacking tools, the increased online nature of many businesses (especially during the pandemic) and some other factors as well.

Banning anything runs counter to the American ethos, but as our experience with social media should teach us, the innovative isn’t always an unalloyed good. A sober assessment of cryptocurrency must conclude that the damage wrought by crypto-fueled ransomware vastly outweighs any benefits from cryptocurrency.

I mean... what? No one has ever argued that any innovation is "an unalloyed good." Basically everyone recognizes that innovation has a variety of different impacts -- some good, some bad, some indifferent. They're tools. Some people use them for good things. Some people use them for bad things. That's true of social media. And it's true of cryptocurrency. But Reiner then takes the leap from saying it's not an "unalloyed good" to insist that, actually, cryptocurrency is all bad. Why? Because he says so.

It isn’t obvious that cryptocurrency provides any benefit at all beyond the chance to make a quick buck. I have been studying the crypto market since its inception, and I have yet to identify a single task or process that crypto makes easier, better, cheaper or faster. Don’t take my word for it. Ask any friend why he owns cryptocurrency, and the answer will invariably be “to make money.” In other words, speculation. (The blockchain technology that underpins crypto does have promising applications in supply-chain management and other areas.)

This paragraph is the kind that should be remembered in the future. I know that many people probably do agree with this assessment, but it shows a real lack of imagination about how cryptocurrency could be useful, as well as a real lack of understanding of the nature of innovations and how they progress over time. We certainly heard similar statements regarding home computers, the internet itself, mobile phones and many other things as well. It may be true that the killer apps for cryptocurrencies are not well recognized now, but that hardly means they don't exist, and it really isn't an excuse for trying to ban the entire concept.

As for that closing sentence about blockchain, the paragraph totally misses that the underpinnings of what makes a blockchain effective is the integration with cryptocurrency. Yes, you can create cryptocurrency-less blockchains, but they tend to be significantly less interesting, and almost certainly need to create some other incentive system. That generally means that they only work when controlled by a few centralized players, dropping the benefits of a more truly decentralized system with cryptocurrency.

And, the line that most people investing in cryptocurrency are doing so to make money is... meaningless. Yes, that's one of the important functions of money. It acts as an incentive system. But some of the clever aspects of how cryptocurrency and blockchain work together is that built-in incentive structure that makes the distributed/trustless system function. Yes, the fact that many people are in cryptocurrency to make money does open it up to speculation (and scams). But that incentive is a feature, not a bug.

Most importantly, this ignores that there are interesting ideas and innovations that are just starting to come out of the cryptocurrency world. Obvious, we've talked a lot on Techdirt about dealing with other issues -- competition, privacy, free speech, content moderation, etc. -- with a more distributed internet. And one way to help make that a reality is using cryptocurrency. We're already seeing some interesting elements of that start to play out with things like FileCoin and the projects that are just starting to show up around that space. To claim that there's nothing valuable at all is to show a near total ignorance of the more interesting elements of what's happening. Yes, there are plenty of silly scams and headline grabbing nonsense, but to insist that means there's no redeeming value is missing the point. Entirely.

Reiner then includes a paragraph that basically says people will mock him for these claims, and insisting that because people will attack him for his short-sighted ideas, it proves that "the emperor has no clothes." Huh?

A day after the Colonial Pipeline shutdown, cryptocurrency champion and self-proclaimed “Dogefather” Elon Musk went on “Saturday Night Live” and admitted the obvious: The dogecoin cryptocurrency is a “hustle.” He then performed an encore by tweeting that Tesla was suspending the use of bitcoin for vehicle purchases due to the coin’s carbon footprint.

Tarring all cryptocurrency because Elon Musk's random flights of fancy -- and focusing on Dogecoin of all the cryptocurrencies out there -- does not make the argument more compelling. It screams out that Reiner is cherry picking examples. Yes, there are silly cryptocurrencies. Yes, there are scams. Yes there is ransomware and yes sometimes cryptocurrencies can make some aspects of criminal behavior easier. But this article fails to tackle any of that in a meaningful way, simply pulling some edge cases and tapdancing around the rest.

And, of course, as we noted above, the idea that you could even ban cryptocurrency is ludicrous. The entire idea behind them was that there is no central node that you can shut off. Reiner tries to get around this by noting the government could put in place a whole bunch of annoying hurdles, but that's not going to stop cryptocurrencies at all.

Any solution must at least reduce the use of cryptocurrency. Governments and retailers should be encouraged not to accept payment in it. An outright ban could get the job done, but if it would be too difficult to enforce or get through Congress, regulators could crack down on the off-ramps and on-ramps, the points at which crypto is converted into fiat currency and vice versa.

Cryptocurrency firms serving U.S. customers are supposed to be subject to the same anti-money-laundering requirements as traditional financial institutions, but more can be done. Late last year, the Treasury Department’s Financial Crimes Enforcement Network proposed a rule to establish new reporting, verification and record-keeping requirements for certain cryptocurrency transactions. Last week Treasury proposed granting more resources to the Internal Revenue Service to address crypto and called on businesses to report receipts of more than $10,000 in cryptocurrency. Both proposals should be adopted, but they will be effective only if other countries follow suit.

I mean, it's kinda funny, because up top I noted that the idea that criminals can easily get away with ransomware because of cryptocurrency wasn't always true because of regulations at the "on-ramps" and "off-ramps" and then later in the article he more or less admits that's true.

Of course, there are other risks associated with heavily regulating cryptocurrency -- again in potentially throwing out babies with the bathwater. Putting too many restrictions on the usage of cryptocurrency could hinder adoption of the actual useful elements of it.

We can live in a world with cryptocurrency or a world without ransomware, but we can’t have both. It is time for the adults to tell the children: Party’s over.

That's nonsense. There's no way to get rid of cryptocurrency, and if we just overly burden it with excess regulations as he proposes, that will just lead to more creative workarounds, that will get even more adoption among criminal elements, rather than for more socially useful activities. Second, there is no such thing as "a world without ransomware." This is just wishful thinking based on the false premise that ransomware only exists because of cryptocurrencies.

And, yes, clearly there's a real risk with ransomware and attacks like the Colonial Pipeline that the end result could be quite problematic. However, the fact is the real cybersecurity risks from ransomware are monetary risks. The risks associated with taking down or breaking critical infrastructure tends to come from nation-state attacks, not ransomware attacks for money. The whole op-ed is a silly, nonsensical attack on cryptocurrency that doesn't seem based in reality. If that's the level of the work that comes out of the Global Financial Markets Center, it does not speak highly of Duke's ability to produce good scholarship on this subject.

Of course, I will note that Reiner's hatred of cryptocurrency has not stopped his own center from asking the public to donate cryptocurrency to support the center. How curious.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: cryptocurrency, lee reiners, ransomware


Reader Comments

Subscribe: RSS

View by: Thread


  • This comment has been flagged by the community. Click here to show it
    identicon
    Anonymous Coward, 26 May 2021 @ 10:50am

    No way to get rid of murder, so let's not bother making it illegal.

    Funny how many articles which appear here take positions which benefit sites which exist and profit from defamation, piracy, hacking, cyberterrorism, etc.

    reply to this | link to this | view in chronology ]

    • icon
      Samuel Abram (profile), 26 May 2021 @ 12:06pm

      Re:

      Funny how many articles which appear here take positions which benefit sites which exist and profit from defamation, piracy, hacking, cyberterrorism, etc.

      Weird, because on his podcast, he interviewed someone from NIST.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 26 May 2021 @ 12:14pm

      Re:

      Manslaughter, first/second/third degree murder, premeditation, self defense, justified use of force, castle doctrine.

      It's almost like just saying murder is bad and illegal as your mic drop is foolish as we have many laws around someone killing someone else.

      Crypto too should have laws around it, and if some crypto cant follow those laws guess what? They become illegal without blanket banning crypto.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 26 May 2021 @ 10:58am

    This is just wishful thinking based on the false premise that ransomware only exists without cryptocurrencies.

    Should be "the false premise that ransomware only exists with cryptocurrencies."

    reply to this | link to this | view in chronology ]

  • identicon
    christenson, 26 May 2021 @ 11:14am

    More socially useful cryptocurrencies?

    Bitcoin seems to be pure speculation, as it has no fundamental value beyond whatever people will exchange for it. It also has a problem that as the price goes up, the incentives (fixed bitcoin rewards for short-term approximately constant amounts of computation with a lottery) to spend scarce real energy resources on the computation increases.

    I'd like to see Techdirt's take on other cryptocurrencies/blockchains and how they deal with these theoretical flaws in Bitcoin's model.

    Would it make sense to limit the computational step to those with private keys in the non-minimal transactions to be recorded in a particular block?

    What is the model for filecoin?

    reply to this | link to this | view in chronology ]

    • icon
      Koby (profile), 26 May 2021 @ 11:58am

      Re: More socially useful cryptocurrencies?

      Bitcoin seems to be pure speculation, as it has no fundamental value beyond whatever people will exchange for it.

      The fundamental value of crypto is the underlying mining network. It is a distributed system for processing payments in a trustless environment. Some people may not like such a system, and that's fine. I'm just saying that there's value, at least for its participants. Credit cards and banks essentially charge money for what they do, because they provide value. Bitcoin provides similar value for transferring money.

      reply to this | link to this | view in chronology ]

      • icon
        Samuel Abram (profile), 26 May 2021 @ 12:03pm

        Re: Re: More socially useful cryptocurrencies?

        Koby, If you could make more insightful comments like these and less painfully stupid comments vis-à-vis intermediary liability, I would like you a lot, lot more.

        reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 26 May 2021 @ 12:04pm

      Re: More socially useful cryptocurrencies?

      Bitcoin has value as a bearer bond, a digital store of value, a means of currency exchange, and for fringe/adult/criminal monetary exchanges.

      More valuable is something like Ripple which is scalable.

      Governments want fiat because they don't want the Koch brothers holding all the gold (even if one of them is dead).

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 26 May 2021 @ 2:32pm

        Re: Re: More socially useful cryptocurrencies?

        No it is because gold is a fucking criminally stupid thing to anchor your currency supply rate to. How great is something that once a country grows to a certain size needs to engage in wars of conquest to not be paralyzed, and then after all of those unneccessary deaths suffer from hyperinflation? The gold standard is a dumb meme.

        reply to this | link to this | view in chronology ]

    • identicon
      Paul B, 26 May 2021 @ 12:30pm

      Re: More socially useful cryptocurrencies?

      Given the amount of pump and dump scams in Crypto, the fake trading back and forth to make the price look higher then it should be, and the nature that 99% of a limited pool of tokens are more or less not in use. This alone is a good reason to stay the fuck out of the market.

      BUT! You also have issues with 20% of China's power going to it, criminal ganges using it as a way to launder money and at least a few other scams going around. I can see why the government would at some point end it.

      The other side of the coin, the coin itself is actully meaningless Its a stand in for a store of value and could easily be replaced by anything that could not be reproduced easily, or could easily be traded for cash.

      reply to this | link to this | view in chronology ]

    • icon
      Scary Devil Monastery (profile), 28 May 2021 @ 5:21am

      Re: More socially useful cryptocurrencies?

      "Bitcoin seems to be pure speculation, as it has no fundamental value beyond whatever people will exchange for it."

      There is a problem in a currency which only operates on faith. No way around that.

      And the issue is that most normal currencies issued by governments operate in an identical way. On faith. The dollar, Euro, or Yuan only have the purchasing power provided by the faith of the market. They are the exact same kind of animal cryptocurrencies are. They're all based completely on speculation of how valid other people will consider the piece of dead tree you're holding.

      Beause that's what a dollar bill is - dead wood with ink on it describing a value and id number. Take away everything but the value and the id number and you get bitcoin.

      "the incentives (fixed bitcoin rewards for short-term approximately constant amounts of computation with a lottery)"

      I'm no expert but as I've understood it there's an upper limit on the amount of bitcoin which can exist at all, the mathematical operation to dig up a new unit becoming incrementally harder. Hence at some point mining will stop and it's been the hope that from that point on the currency will fluctuate according to supply and demand.

      Which is actually a very clever bit of thinking. The only reason governments print more money is to replace worn-out currency and to generate inflation. Bitcoin can not, in the same manner, become a lever for national influence on the value of currency.

      reply to this | link to this | view in chronology ]

  • identicon
    Michael, 26 May 2021 @ 11:18am

    Ban cash as well

    We could easily stop all bank robberies simply by banning cash. Brilliant, right?!

    Lee Reiners appears to be an expert in crypto the same way Guiliani is an expert in cybersecurity.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 26 May 2021 @ 12:05pm

      Re: Ban cash as well

      Muggings and robberies are much a thing of the past because they aren't that sustainable. Much higher risk for much lower rewards.

      reply to this | link to this | view in chronology ]

      • identicon
        Paul B, 26 May 2021 @ 12:24pm

        Re: Re: Ban cash as well

        Today you Don't mug the person, you steal his identity, open credit cards, max them out, and leave the poor person with the bill.

        Mugging the person opens you up to normal cops going after you, kidnapping the person today would work better, but again, normal cops go after that crime. ID theft, even better if done from outside the US, is mostly very hard to prevent and can net a lot more money.

        reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 26 May 2021 @ 4:27pm

      Re: Ban cash as well

      We could easily stop all bank robberies simply by banning cash.

      Outside of the few who try to escape on foot, I'd think most bank robberies could be foiled by banning cars and trucks.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 26 May 2021 @ 4:49pm

      Re: Ban cash as well

      We could easily stop all bank robberies simply by banning cash. Brilliant, right?!

      Hey, they're working on it. Look at all the stories of cops stealing money because they find cash "suspicious". Carrying more than $10,000 (or foreign currencies worth that much) across the USA's border requires a customs declaration by the way, presumably to give them a chance to steal it. Note that the amount is never adjusted for inflation.

      reply to this | link to this | view in chronology ]

  • identicon
    Professor Ronny, 26 May 2021 @ 11:20am

    To Make Money

    Don’t take my word for it. Ask any friend why he owns cryptocurrency, and the answer will invariably be “to make money.”

    I would give the same answer ("to make money") if you asked me why I own stocks, or bonds, or CD's. It's also a big part of the reason I have a saving account and mutual funds. Does he want to ban these as well?

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 26 May 2021 @ 2:52pm

      Re: To Make Money

      You beat me to it. I too am yet to meet anyone with financial assets for any other reason then "to make money".

      Maybe this because cryptocurrency is not the "right" way to make money? /s

      reply to this | link to this | view in chronology ]

    • icon
      Tobias Harms (profile), 27 May 2021 @ 1:09am

      Re: To Make Money

      That's the main reason i work at all. If I didn't make money I would do something else.

      reply to this | link to this | view in chronology ]

  • identicon
    bobob, 26 May 2021 @ 11:26am

    Huh? Are the folks at the WSJ more daft than usual? Why not ban money to stop robberies?

    reply to this | link to this | view in chronology ]

  • icon
    ECA (profile), 26 May 2021 @ 12:05pm

    all this

    And not abit of discussion about HOW the problem could be solved, IF' there was a Human at the end of the computer installed to control the pipeline?

    Isnt the corp that created and use's the pipeline SUPPOSED to protect itself?

    Tell me, that the Whole north eastern seaboard power system is integrated with the internet. Tell me someone didnt Already try to hack the thing.

    There are some ways to control this. Its that the FINAL computer has to have a MANUAL INPUT at that last Keyboard, before it will do anything.

    reply to this | link to this | view in chronology ]

    • icon
      Chris-Mouse (profile), 26 May 2021 @ 1:03pm

      Re: all this

      The problem with requiring someone to enter commands at the final computer is that it also requires someone to be present at that final computer. The whole reason for networking the computers is so that the control of a distributed system can be centralised under the control of a handful of operators. The only reason it's a problem is because the site operators chose the cheaper option of networking via commercial internet instead of the more secure, but far more expensive option of networking via a private, dedicated network.

      reply to this | link to this | view in chronology ]

      • icon
        ECA (profile), 26 May 2021 @ 1:55pm

        Re: Re: all this

        Wow,
        you understand.
        But lets add 1 more word.
        AUTOMATION.
        Automating things ISN'T always the best way.
        A computer only makes a decision, IF the program demands it.
        IF I tell it to Shut down, it Shuts down.
        But if there is a HUMAN at the controls, you have a HUMAN to fire if he makes a mistake.
        You cant fire the computer. And the Computer dont cost you $40k+ per year to sit in an office waiting for something to happen.

        reply to this | link to this | view in chronology ]

  • icon
    That Anonymous Coward (profile), 26 May 2021 @ 12:23pm

    "Ransomware can’t succeed without cryptocurrency."

    The UK thought that murder can't succeed without guns, now they stab each other & have to register ownership of cutlery.

    You know what really really can stop Ransomware from succeeding??
    Kill all the humans.
    No really they are the weak link in nearly every ransomware attack.
    Baring that perhaps demanding a tiny amount of security from these companies with actual penalties for not doing it.

    If we just ban Western Union none of those Nigerian Princes could make a dollar, I see no problem with this make it so.

    How in the actual fsck is this person allowed out in public without a team of minders keeping him from running into traffic to show that if we ban all cars no one would get run over.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 26 May 2021 @ 1:10pm

      Re:

      It is another vote for the breathing ban!

      on a side note: I think ransomware is the "ransom". I don't think banning cryptocurrency will actually stop it any more than banning crime will stop crime. And people would still engage in it, or something similar simply because some humans are sick and have a fundamental need to hurt people.

      reply to this | link to this | view in chronology ]

    • icon
      Bloof (profile), 26 May 2021 @ 4:38pm

      Re:

      You know the US murder rate is four times that of the Uk, right? Nobody thought banning guns would end murder, but we thought one school shooting was one too many, changed the laws lo and behold, mass shootings stopped, meanwhile in the US it's always too soon after a tragedy to discuss reform, and the next shooting is never too far away.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 27 May 2021 @ 4:10am

        Re: Re:

        I have new for you, actual gun spree killings in the UK since 1900 are:-

        The Hungerford massacre 1987

        The Dumblane massacre 1996

        The Cumbria shootimgs 2010.

        All other mass casualty events in that period have been terrorist related bombings, car and knife attacks.

        So it looks like the UK gun ban has had exactly zero impact on mass shootings.

        reply to this | link to this | view in chronology ]

        • icon
          Bloof (profile), 27 May 2021 @ 4:20am

          Re: Re: Re:

          So that's three events in DECADES, while the US has so many people no longer bat an eye as they happen so often and you refuse to address the elephant with a pistol in the room. No other developed nation has the gun problem you do, and your only answer is MOAR GUNS, THOUGHTS AND PRAYERS! then you wonder why it keeps on happening.

          Americans really need to stop getting their news from The Daily Mail and Paul Joseph Watson, official crime stats do not come close to backing up the fear the far right are trying to sell you.

          reply to this | link to this | view in chronology ]

    • icon
      ECA (profile), 27 May 2021 @ 1:05am

      Re:

      ransom ware?
      REAL humans controlling things, not computers.
      depending on computers is like telling people to BACKUP SYSTEMS, Every DAY. Even Continious, all DAY backups, so you can Look at the files and FIND the problem.
      Restricting EVERY input, from Email/to Local disks,m SHOULD be evaluated from stem to stern, BEFORE it gets NEAR a crucial computer.
      So, What happened? Either someone installed the backdoor, somoene inserted a disk or program(WHICH is the BIG No-No). Or a full remote hack, that had no info of what was there?
      To think that they wouldnt have a sign-in to the system, THEN an altered interface that needed a Specific program to interface with it.
      How much security did they NOT HAVE? What are the Odds, there are people in this site that have BETTER protection then they had?
      I NEVER read HTML emails, Unless Im 100% Sure. I read TXT ONLY, and the smarter of companies tend to send TXT and HTML lower on the page.
      Even Windows has added more protection, And we ADD on top of that.

      reply to this | link to this | view in chronology ]

    • icon
      Scary Devil Monastery (profile), 28 May 2021 @ 6:00am

      Re:

      "How in the actual fsck is this person allowed out in public without a team of minders keeping him from running into traffic to show that if we ban all cars no one would get run over."

      “Idiot - A member of a large and powerful tribe whose influence in human affairs has always been dominant and controlling. The Idiot's activity is not confined to any special field of thought or action, but "pervades and regulates the whole." He has the last word in everything; his decision is unappealable. He sets the fashions and opinion of taste, dictates the limitations of speech and circumscribes conduct with a dead-line.”

      • Ambrose Bierce, The Devil's Dictionary.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 26 May 2021 @ 1:07pm

    I have been studying the crypto market since its inception, and I have yet to identify a single task or process that crypto makes easier, better, cheaper or faster.

    That's literally two paragraphs after saying how cryptocurrency makes ransom easier and cheaper. The earlier paragraph says ransomware can't succeed without cryptocurrency, which is ridiculous because it then proceeds to describe how ransomware worked before cryptocurrency. There's some serious cognitive dissonance here.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 26 May 2021 @ 1:10pm

    The hack of the Colonial Pipeline

    The hack of the CP the corporation, not pipeline control itself. This is constantly misrepresented, which brings up two issues. One, CP decided to shut down their own supply lines because reasons. Two, if you have your infrastructure connected to public networks (even indirectly), you're fucking morons and at least as responsible for any problems as the criminals who attack it, as you are for your business systems which you constantly allow to be compromised.

    There is even a new business model in which developers sell or lease ransomware

    Did this guy just step out of a time warp from 20 years ago?

    as our experience with social media should teach us, the innovative isn’t always an unalloyed good.

    Past and contemporary human constructs aren't unalloyed goods either.

    I have been studying the crypto market since its inception, and I have yet to identify a single task or process that crypto makes easier, better, cheaper or faster. Don’t take my word for it. Ask any friend why he owns cryptocurrency, and the answer will invariably be “to make money.” In other words, speculation.

    Start with banks, other financial industry stuff, the stock markets, regulatory capture, and the way corporations are allowed or required to run first, jackass.

    But never mind, everyone will forget about this in a couple months anyway, like every other time something happens.

    reply to this | link to this | view in chronology ]

    • identicon
      Rocky, 26 May 2021 @ 3:30pm

      Re:

      One, CP decided to shut down their own supply lines because reasons.

      I've heard a rumor that CP shut down the pipeline because the ransomware crippled their financial systems which meant they couldn't meter and/or send invoices to those buying fuel from CP.

      I have no idea if that was the reason since it's a rumor, but I wouldn't at all be surprised if it was true.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 26 May 2021 @ 1:16pm

    What are critical systems connected to the Internet, as the alternative is private wire network. Or, if you must use the Internet, limit connections to public key SSH connections. Remote sites only need to provide a low level data and control interface, and it should be quick to stand up a control system if the companies main system is shut down. Keep one usually offline system that can be used to invalidate and install the public keys for connections at the remote sites, so that its key cannot be stolen, and assume other keys are compromised in a cyber attack.

    reply to this | link to this | view in chronology ]

  • identicon
    Glenn, 26 May 2021 @ 1:17pm

    Ban all crypto mining, save a... forest of trees.

    reply to this | link to this | view in chronology ]

  • icon
    Rico R. (profile), 26 May 2021 @ 1:30pm

    I see one tiny flaw in this plan on "banning cryptocurrency to stop ransomware attacks". Namely, ransomware creators could care less about the law. Operating ransomware is already illegal, but that doesn't stop cybercriminals from creating and spreading this kind of malware.

    And what will happen when ransomware attacks the average citizen, encrypts all their data, and the criminals demand payment only in some type of cryptocurrency in exchange for the decryption key? Sure, there's no guarantee that the crooks will play by their own rules, but this isn't your own data we're talking about. While security firm Sophos recommends NOT paying the ransom, they don't say you shouldn't pay it under any circumstances. After all, when it's your data on the line, and you know you don't have backups of what's been encrypted, you're SOL without paying the ransom.

    But under this proposed solution, the victims are left with no recourse. The cybercriminals could care less about the legality (or lack thereof) of cryptocurrencies, but now you have to figure out how to secure something illegal for yourself just to get your data back. What's the solution to their predicament, then? Wait for law enforcement to track down the cybercriminals and recover the decryption keys? What if one of the encrypted documents is time-sensitive and they need to get the data back ASAP? The victim shouldn't just be treated as if they're ever only pipeline workers and government agencies. This is why I'm also against a blanket ban of paying a ransom demanded from ransomware.

    Like so many issues discussed on Techdirt, these issues are nuanced and complex, and they shouldn't be treated with patchwork, one-size-fits-all solutions. I'm not saying this to defend the makers of ransomware; I'm saying this to defend all of the victims of ransomware attacks, both large and small. And that's without even looking at, as this article points out, all of the legitimate reasons to use cryptocurrency. Some forms of ransomware may rely on cryptocurrency to function, but cryptocurrency doesn't depend on the existence of ransomware. It's time to start targeting the right problem and not make boogeymen out of things you don't understand because some criminals can use it nefariously.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 26 May 2021 @ 2:48pm

      Re:

      They depend upon legitimate currency inflow and outflow to be usable for ransomware. It wouldn't be perfect in practice but it would harm usability. Try demanding in ransomware say MMO glitch created/accessible items. It wouldn't work as well.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 27 May 2021 @ 4:01am

      Re:

      That's what backup drives and the cloud are for.

      reply to this | link to this | view in chronology ]

    • icon
      ECA (profile), 28 May 2021 @ 5:01pm

      Re:

      The ones most affected do GAIN.
      ITS an excuse NOT to have the above average security.
      WE LOST OUR FILES.
      They killed our system.
      All this for the lack of an admin or programs to SCAN EVERY EMAIL? STOP any email that has attachments? or isnt in TXT? STUPID.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 26 May 2021 @ 3:44pm

    I don't know if banning cryptocurrency would do anything to ransomware. But it should be banned anyway, to stop the absurd waste of energy in mining it.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 26 May 2021 @ 4:44pm

      Re:

      But it should be banned anyway, to stop the absurd waste of energy in mining it.

      That would be an overbroad ban, as not all cryptocurrencies are proof-of-work systems. Even banning that would seem a hollow gesture unless mining of "investment" metals were also banned (we have enough gold and silver for a long while, but can hardly do anything useful with them because "investors" have inflated the prices so much).

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 26 May 2021 @ 6:53pm

      Re:

      Agreed. A private equity firm bought an in-the-process-of-dying fossil fuel plant in New York State and are gonna use a lot of its power to mine Bitcoin.

      Cryptocurrencies are keeping fossil fuels alive. Even if we switch to all renewables, that energy would be better used elsewhere. They need to be banned.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 27 May 2021 @ 3:58am

        Re: Re:

        Second-layer crypto can eliminate this problem, with Bitcoin more like "physical" gold due to its physical footprint. It can become like comma-delimited is to a database.

        reply to this | link to this | view in chronology ]

    • icon
      Scary Devil Monastery (profile), 28 May 2021 @ 6:08am

      Re:

      Answers to both staments are;

      1) It won't. Cryptocurrency is high on The List of grand inconveniences as it's a trader's forum outside of government control. Ransomware, otoh, distributes, 99 times out of 100, on shady emails, scamware, and compromised USB's.

      2) It can't be. I mean, yes, you could ban it but it would be impossible to enforce for as long as it's still legal to own a computer without government spyware to ensure you're on the level.

      That all set aside, cryptocurrencies are designed to become harder to mine as more units come into circulation. Not sure if that limit is inherited by the spin-offs but if not then there will hopefully be a point at which people will stop burning power on mining.

      Either way we aren't in a position to ban or enforce a ban on crypto.

      reply to this | link to this | view in chronology ]

    • icon
      ECA (profile), 29 May 2021 @ 12:34pm

      Re:

      but go look at whats going on the Stock exchange.
      How many groups are taking advantage of the Faults inthe system.
      From Multiple Types of stock, some that give you abit of power and ownership to Most that give you nothing but Pennies.

      Over inflating the value of your corp, so that you can ADD more stocks. The value of USA corps, has gone over the amount of money in the world. How can you value a corp Worth more?

      WELL, we could get the gov. to Quit passing around money, as if its Halloween candy.

      reply to this | link to this | view in chronology ]

    • icon
      ECA (profile), 2 Jun 2021 @ 12:03pm

      Re:

      have you ever heard the tail of Efficiency?
      IT SUCKS.
      Lets say heating a home, costs someone $60 per month. But wants to save money and invests in a new heater, that is 1.5x better, or even adds passive solar. He gets down to $30 per month and loves it. Then his neighbors join in, and by the time a small town has Upgraded, the heating/power/gas corp isnt making the SAME amount of money, so they raise their prices. ANd you end up paying $60 again. Even tho you are using less.
      If the Amount of energy is kept about the same there is little reason to raise prices, and Why we have a PUC.
      Remember we cut power by about 1/3 by going to LED Lights. If the excess power isnt used the price will go up.

      reply to this | link to this | view in chronology ]

  • identicon
    golden espionage, 26 May 2021 @ 6:03pm

    cryptocurrency madness and stupidity

    Ban the stupid waste of resources and put all of the convicted idiots who try to extort in a jail cell for the rest of their lives. If they are hiding in Russia or China start putting sanctions on the country shielding them and stop trading with them. Yes we should all stop trading with china now as they are threatening the world with war.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 26 May 2021 @ 6:50pm

    Private equity firms buying fossil fuel plants to bring them back online to mine Bitcoin is truly the innovation that we need, and proves that cryptocurrencies are the future. They should never be banned. Burn, baby, burn!

    /s

    https://arstechnica.com/tech-policy/2021/05/private-equity-firm-revives-zombie-fossil-fuel- power-plant-to-mine-bitcoin/

    reply to this | link to this | view in chronology ]

  • icon
    crazy_diamond (profile), 26 May 2021 @ 9:01pm

    The Op-Ed buried the lede. The scandal is not that a company's business was shut down by ransomeware whose bounty was paid in cryptocurrency. The scandal is that we allow private entities to control vital national infrastructure with minimal oversight. The trillion dollars plus that we spend on the DoD and "Intelligence Agencies" might even be justified if they were tasked with preventing cyber threats instead of dropping bombs on poor people. It shouldn't be a stretch to demand that those massively profiting by providing critical services should meet stringent (and expensive, profit-lowering) security standards.

    A serious attack on, say, the electric power grid in January, would make the number killed on 9/11 look like a rounding error, and we wasted trillions of dollars and killed an unimaginable number of people in our ineffectual response to that attack.

    I'm as wary of invasive, over-reaching government power as one can be, but we're not talking about social media here, something which has both the left and right wasting a lot of time finding problems for their regulatory solutions.

    But of course The Journal published this garbage because it has no problem with the status quo but big problem with anything that disrupts it and doesn't benefit the incumbents. And cryptocurrency must be stopped because the incumbents don't get a slice of every transaction.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 27 May 2021 @ 4:21am

      Re:

      Anyone could attack our infrastructure via a hack...once.

      Messing with our oil was the beginning of the end for crypto.

      reply to this | link to this | view in chronology ]

      • icon
        ECA (profile), 2 Jun 2021 @ 11:57am

        Re: Re:

        AC.
        Whats funny is that you dont know that most oil from the USA is sold in other countries. we dont like High sulfur oil.
        And considering the USA gov. pays for most of their Exploration costs, which is allot of money to Find oil. We already know where most of it is. A very good movie called Oklahoma show'd the Big boom there and how Derek's, ever 100 foot, dont do allot.

        reply to this | link to this | view in chronology ]

  • identicon
    Pixelation, 26 May 2021 @ 9:34pm

    Go ahead, bite my head off

    I'm not sure which cryptocurrency is, the baby or the bathwater. Anonymous transactions are nice but I just don't see that they are critical. Privacy for privacy's sake is great, and you can still use cash. If you can't have a transaction without cypto, perhaps you shouldn't have that transaction. My current opinion is a full 180 from my earlier point of view. Cryptocurrency is clearly making a bad situation worse with ransom demands. Considering the massive energy/environmetnal cost, I'm all for crpto going away.

    reply to this | link to this | view in chronology ]

  • icon
    Toom1275 (profile), 26 May 2021 @ 11:20pm

    Correction:

    Throwing out the bathwater with the bathwater

    reply to this | link to this | view in chronology ]

  • icon
    Bloof (profile), 27 May 2021 @ 12:38am

    Don't worry, the baby will have a nice soft landing atop the heap of waste produced burning fossil fuels so crypto scammers can have their magical private gambling tokens that aren't actually much use as money.

    The sooner the Tether scam is unravelled, the better.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 27 May 2021 @ 12:56am

    Crypto currencies aren't real money, they don't represent human work.

    reply to this | link to this | view in chronology ]

    • icon
      Scary Devil Monastery (profile), 28 May 2021 @ 6:36am

      Re:

      "Crypto currencies aren't real money, they don't represent human work."

      They are, unfortunately, as real as any other currency out there. Very little difference between a piece of dead tree with a few numbers on it, or those numbers with the bit of dead tree removed.

      Human work has never been an aspect of "currency". All a currency represents is that a certain token with the proper markings, will count as remuneration for goods or services because those providing the goods and services have faith that they can similarly make use of said token.

      In this both crypto and physical currency have complete parity. Both are literal articles of faith in the economy in which they circulate.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 29 May 2021 @ 11:03am

        Re: Re:

        So what I’m getting is that we should disarm the ability for Crypto to accrue value by having governments across the world ban it.

        reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 27 May 2021 @ 4:22am

    One of the first victories over Bin Laden was when, shortly after 9/11, we cut off his credit cards.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 29 May 2021 @ 11:07am

    People stealing electricity from homes to fuel Bitcoin mining. Cryptocurrency is a fucking joke, a waste of electricity and burden on the environment, and deserves to be banned. Legalize pot, ban Cryptocurrencies.

    https://twitter.com/tomwarren/status/1398222311371821057

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Close

Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Special Affiliate Offer

Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat

Warning: include(/home/beta6/deploy/itasca_20201215-3691-c395/includes/right_column/rc_promo_discord_chat.inc): failed to open stream: No such file or directory in /home/beta6/deploy/itasca_20201215-3691-c395/includes/right_column/rc_module_promo.inc on line 8

Warning: include(): Failed opening '/home/beta6/deploy/itasca_20201215-3691-c395/includes/right_column/rc_promo_discord_chat.inc' for inclusion (include_path='.:/usr/share/pear:/home/beta6/deploy/itasca_20201215-3691-c395:/home/beta6/deploy/itasca_20201215-3691-c395/..') in /home/beta6/deploy/itasca_20201215-3691-c395/includes/right_column/rc_module_promo.inc on line 8
Recent Stories
.

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.