December 7, 2013
The value of bitcoins dropped 30% Thursday after the People's Bank of China and five other Chinese government ministries banned the country's financial institutions from handling the currency.
China's central bank issued a notice (naturally, in Chinese) that prohibits all Chinese financial and payment institutions from conducting any business using bitcoins, buying or selling bitcoins, or allowing products or services to be priced in bitcoins, and said that insurance would not cover any losses related to bitcoins.
Potentially adding insult to injury for the crypto-currency crowd's injury, China also said that because bitcoins lack "legal status and monetary equivalent," it wouldn't even deign to call the virtual payment system a currency.
After the Chinese central bank released its statement, the value of a bitcoin dropped to $870 on MtGox, the world's biggest Bitcoin exchange. That was down from this week's high of $1,240, but still well above the currency's all-time low of $1 in 2011. But by Friday, bitcoins had regained some of their value, trading at around $1,000.
[Bitcoin users: Beware attackers targeting passwords and other data. Read BitCoin Password Grab Disguised As DDoS Attack.]
Does China's stance on bitcoins signal danger for the crypto-currency? In fact, China didn't fully outlaw bitcoins. Rather, in what might be seen as akin to its approach to gambling, the government intends to regulate them. Notably, the central bank said that any site that wants to handle or process bitcoins must first register with China's telecommunications authorities, comply with anti-money laundering obligations, identify all users, and report any suspicious transactions. In short, Chinese authorities have prohibited bitcoins from being used anonymously.
China's central bank also warned that using bitcoins carries enormous risks for "ordinary investors," including a large degree of volatility, owing to a 24-hour trading window and a lack of built-in price limits. The bank further criticized the payment system's anonymity and lack of geographic restrictions, saying that made it an ideal vehicle for money laundering and financing terrorism. It also cited evidence that bitcoins were being used to finance drugs, firearms, and other criminal activities.
The bank also highlighted the risk of Bitcoin users being "exploited by criminals" and other unscrupulous -- or just clueless -- organizations, including bogus Bitcoin trading sites, as well as Bitcoin exchange operators who failed to implement proper information security controls.
When it comes to how governments view the Bitcoin phenomenon, Chinese officials' views aren't outliers. "It's a bubble," former Federal Reserve chairman Alan Greenspan told Bloomberg this week, effectively dismissing the virtual money. "It has to have intrinsic value. You have to really stretch your imagination to infer what the intrinsic value of Bitcoin is. I haven't been able to do it. Maybe somebody else can."
Similarly, Nout Wellink, the former president of the Dutch Central Bank, this week likened Bitcoin hype to the tulip mania in the early 1600s, when volatility in tulip bulb prices lead to a single bulb reportedly selling for 10 times the annual average wage of a skilled craftsman, threatening to topple the entire monetary system of some other European countries, including Great Britain. When the tulip-fueled speculative bubble burst, however, some people were left holding contracts for tulips valued at ten times what they were worth on the open market.
"Bitcoins are worse than the tulip mania," Wellink said (in Dutch). "Then, you at least got a tulip. Now, you get nothing."
Some users of bitcoins have learned that lesson the hard way. As the value of the currency has continued to rise, so has related interest from the cybercrime set. That includes the gang behind the Citadel banking malware, which was recently upgraded to capture screenshots if users browse to one of a number of virtual money sites, including not only stalwarts webmoney.ru and perfectmoney.com, but also bitcoin.org, mining.bitcoin.cz, and other Bitcoin trading and mining sites.
"In addition to this new Citadel variant, Trusteer's security team has observed an increase in the number of forum posts of members looking for help in targeting a Bitcoin related site while some cybercriminals are also asking for Bitcoin users' email databases," said Trusteer's Etay Maor Thursday in a "Bitcoin: a Platform or a Target?" blog post.
Related attacks continue to occur. Earlier this week, for example, popular Bitcoin discussion forum Bitcointalk.org warned its 176,584 members that their usernames and passwords may have been compromised by hackers, who apparently used a distributed denial-of-service (DDoS) attack as a smokescreen.
That followed another DDoS attack being used to hide a heist last month against Denmark-based Bitcoin payment processor Bitcoin Internet Payment System (BIPS) -- resulting in the theft of 1,295 bitcoins. Worth nearly $1 million at the time, the bitcoins had been stored in a free e-wallet service offered by BIPS. That led information security experts to recommend that anyone who uses bitcoins should never store them online, or perhaps on any Internet-connected system at all, given the ongoing risk of theft.
In October, meanwhile, two attacks against Australia-based free e-wallet service Inputs.io netted attackers about $1.3 million in bitcoins. The same month, a scam Bitcoin exchange set up in China tricked about 1,000 people into depositing bitcoins. But whoever was behind the site -- and the site itself -- disappeared in October, leaving someone about $4.1 million richer.
Even Bitcoin exchange MtGox was hacked -- via a SQL injection attack -- in June 2011, after which some senior members in the Bitcoin community claimed to have been offered the site's entire user database.
While the Bitcoin debate -- as Vice magazine summarized it -- often veers between "crypto-anarchist dreams" and "Ponzi scheme fears," for anyone who wants to use bitcoins without their wallets or payment processors being robbed, the overriding question remains: Can the Bitcoin ecosystem be secured?
InformationWeek 500 companies take a practical view of even trendy tech such as cloud, big data analytics, and mobile. Read all about what they're doing in our big new special issue. Also in the Information Week 500 issue: A ranking of our top 250 winners, profiles of the top five companies, and 20 great ideas that you can steal. (Free registration required.)
About the Author(s)
You May Also Like
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
What's In Your Cloud?Nov 30, 2023
Everything You Need to Know About DNS AttacksNov 30, 2023
Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
How to Deploy Zero Trust for Remote Workforce Security
What Ransomware Groups Look for in Enterprise Victims
How to Use Threat Intelligence to Mitigate Third-Party Risk
Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware