Virtual currencies are not only here to stay but are becoming an ever-increasing part of the U.S. financial system. The still-growing number of cryptocurrencies have an aggregate global market capitalization of over $2 trillion. Bitcoin, the oldest and most well known, currently has a global value of over $1.1 trillion alone. But as digital currencies expand, so too does the risk that they will be targeted by hostile nations and cyber criminals.
According to a December 2020
But this may be a ticking time bomb due to growing concerns that the blockchain — the fundamental online transactional and ownership ledger for all bitcoin transactions — may be exposed to a potential catastrophic attack from new quantum computer technologies
Such an attack could wreak havoc on the U.S. financial system and the economy. The question is whether the government, regulators and the financial services industry, including the growing crypto industry, will start now to take the necessary steps to prevent a future crypto 9/11.
Picture such an attack compromising millions of ownership records and transactions, which would have catastrophic consequences for the nation’s markets, financial institutions, retirement funds and individual investors.
It is a major article of faith among virtual currency proponents that the blockchain’s encryption code, which is based on computer URL algorithms, is extremely secure and impervious to hacking. This view, however, is now being questioned and experts have begun to raise red flags about the potential for a crypto cyberattack.
As early as 2015, a Rand Corp.
How would this happen? A
The implication is clear: Governments are developing computer systems that will have the capability to launch an attack. Some analysts were focused on when quantum computer will become commercially available. Anderson Chang, the CEO of the London-based cryptography company Post-Quantum, argued in a recent interview that that could come relatively soon.
Blockchain leaders like Vitalik Buterin, the co-founder of Ethereum, a major cryptocurrency, are unfazed and believe that alternate computer solutions will be created to prevent such potential attacks. However, to date there appear to be no organized, much less successful, crypto industry efforts to produce the necessary technology to counter a quantum attack.
The U.S. must begin to take this looming threat seriously and consider taking the following steps:
1. Federal and state government financial services and law enforcement agencies must begin to coordinate and collaborate on crypto cyber threats. It is critical that federal and state financial services agencies begin to closely coordinate and collaborate on crypto issues and policies. The Financial Stability Oversight Council, somewhat moribund under the Trump administration, may be a good forum to start.
2. All financial institutions should be required to share crypto cyber threats. Section 314(b) of the USA Patriot Act provides for the ability to share threat information but it does not require it. Most other federal cyber threat sharing laws are similarly voluntary and should be made mandatory.
3. The U.S. intelligence community needs to implement a 21st- century cyber threat information sharing system with regulators and financial institutions. The Department of Homeland Security’s current Cyber Info Sharing Program is generally limited to sharing unclassified cyber threats with the financial services industry. Cyber, including crypto, threats should be considered national security threats and all significant cyber threat information should be shared on a real-time basis.
4. Financial institutions should be required to disclose their crypto-related activities and threats. Both crypto-related activities and threats should be considered material and reported in regulatory reports and SEC filings.
Once a major quantum attack on the blockchain occurs, we won’t be able to argue that the failure to prevent it was a failure of imagination. Experts are telling us in increasing numbers that the threat is real.