Governments could reduce international cyber crime by putting stronger regulations on cryptocurrency, a security expert has said.
Itai Greenberg, chief strategy officer at Check Point, told ITPro that greater government oversight of blockchain technology and transactions would be an immediate way to improve the threat landscape.
“If we put in regulation, we can dramatically reduce the amount of cyber attacks,” he said.
“It would have a direct impact, because cryptocurrency allows people to get dollars without being traced.”
Greenberg acknowledged that the government’s role in enforcing crypto rules can only go so far, and that the blockchain is here to stay.
“It was never introduced by governments, it will not be disappeared by governments.”
The different blockchains across the world support many legitimate uses, including more secure transactions of finances and synchronization of data in a decentralized format.
RELATED RESOURCE
Conquering technology risk in banking
Discover the five best practices leaders in technology risk management and resilience.
But Greenberg maintained that clearer rules around tracing and taxing when it comes to the blockchain is still needed.
“There are many, many good people around the world that contribute to the success of blockchain and cryptocurrency. What they do not have is the big brother that will tell them how to do it right, and we’re starting to see it now with Celcius, with FTX.”
Because transactions made on the blockchain are irreversible, it can prove difficult to recover funds stolen by hackers, or cryptocurrency that a company sends as ransom to a threat actor.
Cryptocurrency can be difficult to trace, but not impossible. The FBI was able to locate and recoup $2.3 million of the money lost in the 2021 Colonial Pipeline ransomware attack, and law enforcement can obtain warrants to check the digital assets of suspects.
Third-party exchanges can also work directly with government agencies to help them access funds.
But a fully fledged, international scheme to track and tax cryptocurrency would require the participation of world governments, and this could be difficult to secure.
Nations such as Russia already offer safe harbor to cyber criminals, and could be unwilling to compromise the payment channels of those under their protection.
More comprehensive tax requirements on crypto assets, as well as more stringent enforcement of existing laws, could help to dissuade criminals seeking to use crypto platforms as a basis for obtaining illicit funds.
In recent months, international agencies have become even more aggressive in their pursuit of cyber criminals and ransomware groups in particular.
The US Department of Justice (DoJ) placed a $10 million bounty on a Russian man linked to the groups LockBit and Hive, and has since charged a string of LockBit associates as it embarks on more operations to disable the group.
Greenberg praised this activity, saying the actions further protect the cyber security landscape for organizations and individuals.
Improving cyber resilience
Speaking on the wider strategies that companies can take to be more resilient to attacks, he suggested abandoning the traditional idea of detection and remediation, and to instead invest in real-time prevention.
With increasingly automated attacks such as DDoS bots or even AI-assisted fuzzing, the time delay between detection and response in older systems could mean the difference between resilience and compromise.
Greenberg acknowledged this can change be difficult to implement. For example, while false positives are acceptable in a detection system they can cause unwanted interference and disable core processes if they crop up in a prevention system.
He said many companies try to estimate how many times per year they will be attacked and that this is likely to be in the thousands, but that some companies fall into the trap of thinking that there’s little difference between 95% prevention and 99% prevention.
“It’s not about the 95% that you block, it’s about what you don’t block. And it needs to go as close as possible to 100%.”
Greenberg also highlighted the struggle that chief information security officers (CISOs) face in optimising their limited IT budgets, workforce, and skillsets.
“There are two philosophies here, one that says you split your budget with half in SOC, remediation, engineering people and half in prevention and detection,” he said.
“I would advise a CISO to put as much as they can into the prevention technology. So make it 90% of your budget, because you are no longer in this race of putting people and technology in to deal with remediation.
“Resilient companies will put more in prevention and outsource their remediation and incident response into an MDR service.”
-
Bigger salaries, more burnout: Is the CISO role in crisis?In-depth CISOs are more stressed than ever before – but why is this and what can be done?
-
Cheap cyber crime kits can be bought on the dark web for less than $25News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
‘Phishing kits are a force multiplier': Cheap cyber crime kits can be bought on the dark web for less than $25 – and experts warn it’s lowering the barrier of entry for amateur hackers
News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
Healthcare systems are rife with exploits — and ransomware gangs have noticedNews Nearly nine-in-ten healthcare organizations have medical devices that are vulnerable to exploits, and ransomware groups are taking notice.
-
Alleged LockBit developer extradited to the USNews A Russian-Israeli man has been extradited to the US amid accusations of being a key LockBit ransomware developer.
-
February was the worst month on record for ransomware attacks – and one threat group had a field dayNews February 2025 was the worst month on record for the number of ransomware attacks, according to new research from Bitdefender.
-
CISA issues warning over Medusa ransomware after 300 victims from critical sectors impactedNews The Medusa ransomware as a Service operation compromised twice as many organizations at the start of 2025 compared to 2024
-
Warning issued over prolific 'Ghost' ransomware groupNews The Ghost ransomware group is known to act fast and exploit vulnerabilities in public-facing appliances
-
The Zservers takedown is another big win for law enforcementNews LockBit has been dealt another blow by law enforcement after Dutch police took 127 of its servers offline
-
There’s a new ransomware player on the scene: the ‘BlackLock’ group has become one of the most prolific operators in the cyber crime industry – and researchers warn it’s only going to get worse for potential victimsNews Security experts have warned the BlackLock group could become the most active ransomware operator in 2025
