CFTC Commissioner Warns Hackers Becoming More Innovative

Cyber hackers today are “more coordinated, innovative, and resourced,” warned Christy Goldsmith Romero, Commissioner at the U.S. Commodity Futures Trading Commission (CFTC), during her speech at the FIA International Derivatives Expo Conference. The official drew attention to the worrying pattern of cybercriminals seeking refuge in nation-states like China, Russia, North Korea, and Iran.

Taking note of the Lazarus Group that could have been enjoying state sponsorship, she emphasized that these hackers will exploit any vulnerability they can find.

Cyber Threat Intensified With AI Emergence

The combination of the top three cyber threats—ransomware, zero-day vulnerability, and third-party servicer vulnerability— along with the increasing use of artificial intelligence poses a challenging landscape for cybersecurity, per Commissioner Romero.

In the face of such threats, she notes that players in the industry must fortify their systems. Romero stated, “As one part of the advancement to cyber resilience, the U.S. Government, including the CFTC, is advancing to Zero Trust under a White House Executive Order.”

Notably, the Cybersecurity and Infrastructure Security Agency (CISA) created the Zero Trust Maturity Model. The framework aids organizations in converting to a zero-trust architecture, which is more secure.

The seriousness of the issue is evident from the FBI’s report of $10.3 billion in cybercrime losses in 2022 alone. Commissioner Romero addressed crucial methods that organizations can implement to establish cyber resilience and effectively combat this growing threat.

Five Pillars to Combat Cyber Hackers

She first proposes a proportionate and appropriate strategy that fits the organization while considering unique risks. Second, the commissioner issues instructions to adhere to generally recognized norms and best practices. To elevate accountability, she also advocates for governance. The two final pillars are enhancing third-party risk resilience and leveraging existing work already done in the cybersecurity space.

She calls for collaboration between regulators, industry participants, and the government as a collective defense against cyber criminals. However, the reality has already seen too many attacks. A significant exploit occurred on the Atomic Wallet earlier this month. It resulted in the theft of approximately $35 million from the multichain crypto wallet.

In a related development, the U.S. Department of Justice (DOJ) recently unsealed indictments related to the hack of Mt. Gox, the once-largest Bitcoin exchange. Two Russian nationals were charged in the 2011 hacking. This case reminds us of the persistent threat posed by cyber criminals from particular regions with the need for robust cybersecurity measures.

North Korea Remains a Threat

Cyber-attacks originating from countries like North Korea are also on the rise. These state-sponsored hackers often use mixers to hide the trail and launder money to allegedly benefit top leaders. In April, the U.S. Treasury Department imposed sanctions on three individuals linked to North Korea’s Lazarus Group. 

Reports suggest that North Korea has a notorious reputation for engaging in crypto hacking, with billions of dollars stolen from banks and crypto firms. In 2022 alone, North Korean hackers reportedly perpetrated the theft of $1.7 billion, which accounts for nearly half of the global amount stolen through cybercrime.

That said, the usage of digital finance has increased. Therefore, governments, cryptocurrency companies, and users need to take precautions against such hacking efforts.