BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

The Silk Road to the FBI is Paved with Bitcoin

Posted October 3, 2013    BeyondTrust Research Team

The FBI has seized control of one of the online black market’s most prominent marketplaces, Silk Road.

Silk Road was an online marketplace used by miscreants who bought and sold illegal merchandise, such as drugs, weapons, and other illicit materials. It was not accessible without the use of routing software known as Tor (the onion router). Tor is a network of systems that work together to create a way for people to nearly anonymously access various parts of the Internet. When using the Tor network, users are capable of accessing other computers on the Tor network with the assurance that it is very difficult to identify who is who on the network. This is ideal for the trade of illegal materials that occurred on Silk Road, which greatly benefits from the anonymous nature of Tor.

The alleged founder of Silk Road, Ross William Ulbricht, who went by the online pseudonym “Dread Pirate Roberts” (DPR), was arrested by the FBI at the same time as they seized control of the online marketplace. Along with the website seizure and arrest, Bitcoin funds were seized that amount to $3.6 million. Bitcoin is an unregulated currency used online for both legal and illegal purposes, touting anonymity of transactions to its users. Hence, this was a natural choice for users of the Silk Road marketplace. Because of the FBI seizure of Bitcoin funds, the exchange rate for Bitcoin and official currencies has dropped tremendously, over 20% in 3 hours (from $139.00/bitcoin to $109.71/bitcoin), and has continued to fluctuate.

So what’s this mean for the average Internet user?

The FBI monitors and is actively engaged in stopping online hubs that facilitate illegal activities, even when they are advertised as being secure and anonymous. People participating in these illegal online activities will likely increase precautions they take, so they do not also become the target of three letter agencies. New markets will likely emerge to take the place of Silk Road, and the government will attempt to thwart them, as well.

Additionally, the Bitcoin market is still extremely volatile and should not be relied upon for as a dependable currency. There have been multiple cases in the past where Bitcoin value has fluctuated greatly. This is not the first case, and it won’t be the last. Accepting Bitcoin as a method of payment is risky, at best.

Leave a Reply

Additional articles

VMware Hardening Guidelines-img3

How to Audit VMware ESX and ESXi Servers Against the VMware Hardening Guidelines with Retina CS

Posted February 27, 2015    BeyondTrust Research Team

Retina CS Enterprise Vulnerability Management has included advanced VMware auditing capabilities for some time, including virtual machine discovery and scanning through a cloud connection, plus the ability to scan ESX and ESXi hosts using SSH. However, in response to recent security concerns associated with SSH, VMware has disabled SSH by default in its more recent…

Tags:
, , , ,
dave-shackleford-headshot

Privileged Passwords: The Bane of Security Professionals Everywhere

Posted February 19, 2015    Dave Shackleford

Passwords have been with us since ancient times. Known as “watchwords”, ancient Roman military guards would pass a wooden tablet with a daily secret word engraved from one shift to the next, with each guard position marking the tablet to indicate it had been received. The military has been using passwords, counter-passwords, and even sound…

Tags:
, , ,
Privileged Account Management Process

In Vulnerability Management, Process is King

Posted February 18, 2015    Morey Haber

You have a vulnerability scanner, but where’s your process? Most organizations are rightly concerned about possible vulnerabilities in their systems, applications, networked devices, and other digital assets and infrastructure components. Identifying vulnerabilities is indeed important, and most security professionals have some kind of scanning solution in place. But what is most essential to understand is…

Tags:
, , , , ,