13.2 C
Casper
Saturday, October 12, 2024

From National Security to Crypto: Chasing Cyber Threats in the Age of Blockchain

Must read

Khushbu Raval
Khushbu Raval
Khushbu is a Senior Correspondent and a content strategist with a special foray into DataTech and MarTech. She has been a keen researcher in the tech domain and is responsible for strategizing the social media scripts to optimize the collateral creation process.

Explore Jacqueline Koven’s journey as Head of Cyber Threat Intelligence at Chainalysis, navigating cybersecurity, blockchain, and cryptocurrency and learning strategies to combat emerging threats using data analytics and machine learning.

Jacqueline Koven embarked on her career within the U.S. Intelligence Community, where she meticulously analyzed conventional threats to national security. As the cyber landscape emerged, she delved into this dynamic domain, recognizing it as a potent tool wielded by adversaries.

Koven’s fascination with the intricate interplay of new technologies, conflict, espionage, and financially motivated activities led her to her current role as Head of Cyber Threat Intelligence at Chainalysis. Join us as we explore her journey, insights, and the ever-evolving world of cybersecurity. 

Excerpts from the interview;

What does a typical day look like for you as the Head of Cyber Threat Intelligence at Chainalysis?

No two days are alike, and each day rarely goes as planned! We’re getting constant input and requirements from multiple vectors. We’re also attuned to current events and the need for rapid response. You have to move fast when you’re dealing with tracking instantaneous transborder cryptocurrency payments. 

Could you describe the role of cyber threat intelligence in the context of blockchain technology and cryptocurrency?

I’m very passionate about the intricacies of blockchain intelligence and cyber intelligence. Cryptocurrency is now regarded as an Indicator of Compromise (IOC) by the Cyber Threat Intelligence community, alongside file hashes and IP addresses on other traditional indicators. Even if cryptocurrency isn’t the end goal for a malicious cyber incident, it is more than likely that some part of the attack kill chain will leverage infrastructure, a tool or service that is purchased using cryptocurrency. Blockchain intelligence can fill in the gaps other telemetries cannot piece together. It’s a key part of cybercrime attribution, prevention, and disruption.

What are some common challenges you face in your role, and how do you overcome them?

The digital ecosystem is constantly evolving — there are always new business models and innovations, and unfortunately, threat actors are finding new ways to exploit them. Staying on top of these new developments that don’t fit established threat models — or haven’t even been defined by the industry yet — is a constant challenge but also what makes this role so exciting.

How does Chainalysis leverage data analytics and machine learning in cyber threat intelligence?

Chainalysis equips organizations across the public and private sectors worldwide with actionable intelligence, intuitive tracing capabilities, and specialized expertise so they can prevent and combat illicit crypto activities and safeguard national interests more effectively and efficiently.

Our innovative knowledge graph is the backbone of our data platform, through which we have been connecting on-chain activity with real-world entities since 2014. A knowledge graph is more than just data: it doesn’t just tell you where a transaction occurred; it enables you to generate insights about all the connecting activities. It joins data from various darknet and clear-net sources, including websites, forums, social media, etc.

Our platform integrates advanced cluster-level graphing with transaction-level chronological tracing and visualization, greatly enhancing the efficiency and speed of crypto investigations. By simplifying the process of tracing the source and destination of illicit funds across multiple blockchains along with token validation, it offers an intuitive and transparent approach to what was previously an opaque process. Equipped with features such as automated pathfinding, cross-chain graphing, and other advanced analytics tailored to navigate the intricacies of web3, investigators can construct comprehensive timelines and generate valuable leads. This ability to unravel and understand complex on-chain activities positions them at the forefront of solving crypto cases.

What strategies do you employ to stay ahead of emerging cyber threats and trends?

Dynamic communication with public and private sector partners, researchers, and nonprofits is critical. The cross-pollination of intelligence from multiple disciplines and sectors is vital to having the most comprehensive view of these multidimensional threats.

Can you share any notable success stories or case studies where your team’s efforts in cyber threat intelligence made a significant impact?

On 20 February 2024, the U.K.’s National Crime Agency (NCA) and the U.S. Department of Justice (DOJ) announced the disruption of Lockbit — one of the ecosystem’s fastest-growing, widely used, and most resilient ransomware-As-A-Service strains. The NCA leveraged Chainalysis tools in this investigation, resulting in a takedown of Lockbit’s infrastructure and its decryptor keys for Lockbit victims to recover their data without paying a ransom and sanctions against Lockbit RaaS affiliates. 

Chainalysis has also supported the disruption of other criminal networks, including the Netwalker ransomware group, the largest child pornography website ‘Welcome to Video’, and the darknet market Silk Road. We are proud that our blockchain intelligence can empower global law enforcement to identify and disrupt illicit activities spanning extortion, theft, CSAM, and Darknet Markets.

What advice would you give to individuals interested in pursuing a career in cyber threat intelligence, particularly within blockchain technology?

This space is still green fields. Don’t count yourself out! Nobody is too late to pick up blockchain analytics or any other new skill set or technique, especially in technology. If you’re curious, I’d look into our free introductory courses on Chainalysis Academy. The transparency of the blockchain and the ability to see a broad spectrum of illicit activity is a feast of information at your fingertips to enhance the cyber threat intelligence mission.

More articles

Latest posts