CRApr 13, 2021
Going dark? Analysing the impact of end-to-end encryption on the outcome of Dutch criminal court casesPieter Hartel, Rolf van Wegberg
Law enforcement agencies struggle with criminals using to end-to-end encryption (E2EE). A recent policy paper states: "while encryption is vital and privacy and cyber security must be protected, that should not come at the expense of wholly precluding law enforcement". The main argument is that E2EE hampers attribution and prosecution of criminals who rely on encrypted communication - ranging from drug syndicates to child sexual abuse material (CSAM) platforms. This statement - in policy circles dubbed 'going dark' - is not yet supported by empirical evidence. That is why, in our work, we analyse public court data from the Netherlands to show to what extent law enforcement agencies and the public prosecution service are impacted by the use of E2EE in bringing cases to court and their outcome. Our results show that Dutch courts appear to be as successful in convicting offenders who rely on E2EE as those who do not. Our data does not permit us to draw conclusions on the effect of E2EE on criminal investigations.
CYJan 29, 2019
Malicious cryptocurrency miners: Status and OutlookRadhesh Krishnan Konoth, Rolf van Wegberg, Veelasha Moonsamy et al.
In this study, we examine the behavior and profitability of modern malware that mines cryptocurrency. Unlike previous studies, we look at the cryptocurrency market as a whole, rather than just Bitcoin. We not only consider PCs, but also mobile phones, and IoT devices. In the past few years, criminals have attacked all these platforms for the purpose of cryptocurrency mining. The question is: how much money do they make? It is common knowledge that mining Bitcoin is now very difficult, so why do the criminals even target low-end devices for mining purposes? By analyzing the most important families of malicious cryptocurrency miners that were active between 2014 and 2017, we are able to report how they work, which currency they mine, and how profitable it is to do so. We will see that the evolution of the cryptocurrency market with many new cryptocurrencies that are still CPU minable and offer better privacy to criminals and have contributed to making mining malware attractive again -- with attackers generating a continuous stream of profit that in some cases may reach in the millions.