This week, we discuss kidnappings & gunpoint attacks demanding cryptocurrency. We often say that cryptocurrency is unseizable. But in one sense, it’s actually more seizable than dollars in your bank account: Kidnappers’ crypto accounts, unlike bank accounts, are unfreezable and are themselves unseizable – making stolen funds completely unrecoverable.
What can we do to be safe from ransom and wrench attacks?
Bitgenstein's Table is a narrative podcast with music and sometimes dramatization, so you might want to listen to this episode. But if you prefer text instead, or you'd like a few pictures, read on!
December 26, 2017.
Pavel Lerner, a director at U.K. cryptocurrency exchange Exmo, is leaving his Kiev, Ukraine office.
A black Mercedes van screams to a stop, and six masked men emerge and force Pavel inside.
The Exmo site is subjected to a Denial of Service attack, though it’s unclear whether that is related. Soon, Exmo executives are reading over a letter demanding $1 million, paid in bitcoin, for Pavel’s release.
Is this the future for cryptocurrency investors?
It sounds absurd, but one of the best ways to fight the dozens of cognitive biases, the mental shortcuts that can become thinking problems, which we use in day-to-day life is to remember that we humans over-generalize.
We find meaning, patterns, stories, and principles in order to understand the world. This is the only way we can use our mental resources effectively, but it also means we assign meanings to things than might not have those meanings, we selectively remember things and exaggerate things in order to fit the patterns we hold, and we apply stereotypes liberally.
We really cannot defeat these tendencies, since attempting to live without general principles would turn every tiny decision into analysis paralysis. But if we realize that we over-generalize, we can catch a number of errors.
Again, it sounds absurd: due to our cognitive biases, the best way to keep track of our many cognitive biases is to over-generalize them into the single category of over-generalization.
The blockchain space is full of generalizations.
Cryptocurrencies are “decentralized,” we say. Except that, to varying degrees, they’re not. As long as we are aware that this just is a generalization, we’re OK.
Cryptocurrencies are “unseizable wealth,” we say.
If someone takes the right security precautions, it’s not possible to seize their bitcoins or other cryptocurrencies by raiding their home, picking their pocket, or shaking them down as they escape across the border. This is wealth that is unseizable by traditional methods.
So what are the methods by which a group can take your cryptocurrency?
Obviously many would-be thieves try social engineering. They attempt to get you to give them your keys or send to incorrect addresses. If you’ve been in the space for a little while, you’ve seen bad emails, or URLs with diacritics like dots and lines above and below letters, directing you to malicious websites in an attempt to steal a private key or an exchange login and password from you.
But crypto-conscious people are becoming more and more aware of, and building more and more protections against, these social attacks. Serious cryptocurrency thieves will start to turn elsewhere.
Kidnappers who kidnap for ransom, according to rough estimates, make about $500 million a year on their crimes.
It’s been a major business in some places like Mexico City – my favorite movie with Denzel Washington takes place there, in which Denzel plays a bodyguard gone on a mad vengeance streak when kidnappers call and say that Pita, the girl he was protecting and who was kidnapped, is now dead. The film is called Man on Fire, and among its other good production values, the cinematography is unique and excellent.
Critics attacked the movie for becoming too violent and vigilante. They tally to only 39% on Rotten Tomatoes, while audiences give it an 89%. I may run a philosophy podcast, but that doesn’t mean I always agree with the movie critics.
The story of Man on Fire is based on real-life Mexico City kidnapper Daniel Arizmendi López, who made over $40 million on ransoms, and was often assisted by police officers in his kidnappings. He confessed to murdering four people and was imprisoned in 1998, and to my knowledge still resides in prison.
I’ve avoided areas at times for these reasons. During my time in north India, many groups and people warned me not to travel to the province of Assam. I really wanted to visit Assam, but kidnapping Westerners was particularly common that year. Even though my brother and I were poor by American standards, we were doing fine by Indian standards at the time.
Kidnapping for ransom is a worldwide issue. It’s about as old as money itself.
And kidnapping for crypto isn’t a new thing, either.
The first case I know of was January 20, 2015, where a Canadian expat in Costa Rica, Ryan Piercy, was kidnapped, and a $500,000 ransom was demanded in bitcoin. Ryan was held for 5 weeks, outside, chained by his neck to a tree.
Later that year, Wong Kwan, a Hong Kong businessman, was released after a ransom of $13 million was paid in bitcoin.
In May of this year, 13-year-old Katlego Marite was kidnapped in South Africa, and $120,000 was demanded in bitcoin. (Thankfully a friend of the family found a CCTV recording of the event, found the car involved in the area, and alerted police, and the boy was recovered and the kidnappers arrested.)
But these cases were not due to the individuals involved holding cryptocurrency. Katlego’s parents reportedly didn’t even know what Bitcoin was.
These attackers demanded bitcoin because Bitcoin accounts aren’t freezable. Transactions can’t be locked up or reversed by the authorities, nor do the kidnappers no longer need to risk a high-tension dropoff of a briefcase of cash.
But Pavel Lerner’s case was different. His kidnappers knew that he worked at a cryptocurrency company. Pavel was ultimately safely released, the $1 million ransom reportedly paid. Apparently, Pavel’s kidnappers had believed he had access to his exchange’s funds, which wasn’t true. Others had to transfer Pavel’s ransom rather than Pavel transferring it himself.
So this kidnapping-turned-ransom wasn’t likely originally planned to have a ransom letter involved. Perhaps it wasn’t initially meant to be a ransom attack at all, but a wrench attack.
It’s one of my favorite XKCD comics.
XKCD is a stick-figure webcomic on technology and other things where intelligent characters make absurd suggestions and inventions and often counter them with sarcastic shutdowns.
The wrench attack uses physical violence, other physical interventions, or the threat of these things to get someone to give up a passkey or sign a cryptocurrency transaction.
On January 28, 2018, Danny Aston, a British cryptocurrency trader, had his home broken into and was forced at gunpoint to make a Bitcoin transaction. Those who are known or suspected to have access to large amounts of cryptocurrency might become targets of these attacks.
Papers signed under force or duress might not hold up in court, and the court can invalidate them. But cryptocurrency transactions for most cryptocurrencies, including BTC, cannot be reversed by courts, so they cannot be invalidated. In this strange way, digital assets are actually more seizable than other assets.
If they are seized from you at gunpoint, there’s no help line or government agency to appeal to to get them back.
Unseizability is one of the major attractions of cryptocurrency.
As Blocktower Capital’s Ari Paul likes to point out frequently, what if the victims of the Holocaust or other genocidal episodes in human history could have escaped across the border with their wealth hidden as a password in their heads? They could have traveled lighter and safer, and could have had the means to start a new life whenever they arrived in a safer land.
Imagine if refugees from Nazi Germany or maoist China or Syria recently could take all their wealth with them when they start a new life elsewhere, with just a password in their head.— Ari Paul (@AriDavidPaul) December 16, 2017
It’s important that we think about these problems. How can we close, or at least avoid, the remaining loopholes in cryptocurrency’s unseizability?
There are a number of technological solutions in the works for protection against phishing and other attacks. Multi-signature accounts can prevent an individual’s signature from transferring funds from an account without another signature involved. This really just turns the wrench attack into a more complicated ransom attack, but it does help somewhat.
Some systems are experimenting with limited decentralized protections. EOS has a three-day freeze on tokens that are unstaked, preventing them from being transferred during that time. This allows an EOS account holder to notice the tokens being unstaked and use his or her owner key to change the account’s active key so that the compromised active key no longer has the power to transfer the tokens when the three days are up.
That’s helpful against gunpoint break-ins, but not so much against kidnappings. Many kidnappings have lasted longer than three days.
If you’re in the cryptocurrency space, or close to it, and you have ideas on creative technological solutions to this problem, the community is ready to support the development of your ideas. Preventing an attack on Bitcoin’s unseizability is in the interest of us all.
But even if protections will emerge, they’re in the future. What can we do until then?
It surprises me how we instinctively flaunt our wealth. In the human economy, wealth is power, so much as a lion roars or a bear rears up to intimidate others with its might, some humans feel compelled to drive Lamborghinis, throw wads of cash around, and play with gold-plated golf clubs.
This can be dangerous.
I don’t mean you’re in danger of exchanging close personal connections for mobs of shallow admirers, as true as that may be. And I don’t mean you’re in danger of pride corrupting your soul, or spirit, or mind, or essence, or whatever your view on metaphysics. I mean that people who make it publicly known that they’ve made lots of money on cryptocurrency make themselves targets.
Sometimes this is unavoidable, of course. Brian Armstrong can’t reasonably go live in a distant cave, the Winklevosses can’t reasonably change their identities, and Charlie Lee can’t publicly claim to sell all of his crypto assets. (Wait a second…)
But for the majority of listeners, the best protection in any situation – whether we’re talking violent crime, cyber crime, extortion, whatever – is to not be a target.
All strains of philosophical thought have had things to say about the ethics of the wealthy.
We haven’t discussed philosophy much in this episode. Perhaps that’s because most philosophers have lacked the perspective of the poor. Philosophical output has usually been an activity of exclusively the wealthy class.
Bitgenstein’s Table is named in honor of Ludwig Wittgenstein, a part-Jewish British Austrian philosopher who revolutionized two different schools of philosophy and worked in many fields: philosophy of logic and mathematics and then later philosophy of mind and language. Listen to episode one of the podcast to hear more about him.
Ludwig Wittgenstein’s family was wealthy. Very wealthy. His father, Karl Wittgenstein, was one of the wealthiest men in the world. Still, there isn’t much writing done on Karl. Despite his wealth, his sons gets the spotlight.
One son, Paul Wittgenstein, was a concert pianist who lost his right arm in the First World War. He created new techniques that enabled him to play things formerly considered impossible with his left hand. The piano songs accompanying the podcast version of this episode are for left hand alone.
Ludwig and Paul in 1909, before the war
Composers of the day like Sergei Prokofiev, Maurice Ravel, Benjamin Britten, and many more wrote many pieces for Paul Wittgenstein.
Paul’s brother Ludwig, meanwhile, gave away his massive fortune to his siblings, three of whom ultimately committed suicide. The family had billions of dollars – as of this writing far more than anyone who has made their money in the cryptocurrency boom – and yet they were plagued by sadness, and the one who did the best of them all gave his wealth away.
Most philosophical, spiritual, and ethical traditions – whatever you’re into – suggest that wealth is a burden as much as it is a blessing. I’m certainly not suggesting all wealthy people need to make the same move as Ludwig. But part of the burden of wealth is that people suspected to be wealthy are much more likely to be targeted.
That’s reason enough to be careful.
And by the way, I haven’t made much money on cryptocurrency. Just throwing that out there. Wrench-wielders, go find somebody else.
Hackers rely on deception – fake emails, fake webpages, false senses of urgency or opportunity, etc. – to wage their war on us. The Hollywood image of hackers brute-forcing encryption is nonsense. Besides finding exploits, attacks are mostly about using social engineering to get access.
As Sun Tzu famously says in The Art of War, “All warfare is based on deception.” What then is the best way to fight back? Also deception.
Deceptive information planted to suggest you’ve lost your assets already can turn off attackers. Information misleading them as to your identity, your location, your activities. Misdirection is the ultimate form of security. Paint yourself as a non-target, or mislead attackers into believing that targets exist where they don’t in fact exist, and you’re safer than a man with ranks of armed bodyguards and alarm systems.
Yet my suggestion from a few minutes ago still stands. Technological innovation that makes crypto unseizable by ransom and wrench may not be feasible, but if you have ideas how to make it so, you’re camping on a goldmine. Get involved with your favorite crypto projects and pitch your ideas, or launch a project of your own. If you need introductions or suggested projects, get in touch and I’ll consider which projects best suit your idea.
Next week, I’m excited to have Manuel Martin of Orvium on. Manuel worked at CERN’s Large Hadron Collider for many years. Now he’s teaming up with other experts to fix the problems with the business of publishing scientific and medical studies, a business plagued by an antiquated, opaque peer review process that can hide bias and conflicts of interest – and even create and reinforce false knowledge.
Learn how we can address these problems for a future of more reliable scientific and medical knowledge, next week, on Bitgenstein’s Table.