From time to time, we at SCS like to discuss newer or lesser-known security technologies, bringing them into the light to use them – or to protect against them. Today, we’ll be discussing Monero.
What is Monero?
Monero, at its root, is a cryptocurrency. We’re sure you’ve heard of others in the space, like Bitcoin and Ether (the fuel for Ethereum), if only for their skyrocketing value. But clearly, this isn’t a financial blog, so we’ll leave discussion of that to the experts. Unlike Bitcoin, the developers of Monero built it from the ground up for privacy and anonymity. To ensure anonymous transactions, Monero uses ring signatures, an element of cryptography that verifies that someone in a group of valid people executed a transaction without saying who in that group did it. With these, attackers have a very difficult time tracing transactions to a specific user. A modification to the protocol, called RingCT, further obfuscates the amounts sent or received. Yet another inherent attribute of the protocol, stealth addresses, ensures that only the sender and receiver of a transaction can see where a payment was sent. In 2014, Monero suffered an interesting attack involving the minting of counterfeit coins.
So what’s it mean?
So we know Monero is a cryptocurrency with some interesting privacy and anonymity components. But we’re IT pros, not financial specialists or investors, so why do we care? Let’s look at the use cases. For the most obvious one, check out this Wired article. Drug deals, of course, and guns, hacking tools, and other interesting things. If you want to buy them and more, the darknet markets are rapidly adopting Monero as the cryptocurrency of choice. Makes sense, considering Monero transactions can’t be correlated to a given buyer or seller by anyone not involved in the transaction. And they’re not telling, obviously. Tax evaders and people who want to hide money from someone else (for legitimate reasons or not) also could use it to hide the source or amount of their wealth. Police could use it to compensate whistleblowers and informants, and companies could use it to pay confidential settlements. Bringing it back into security, we’d expect to see more ransomware request payment in Monero as cryptocurrency adoption rates rise. At current rates of adoption, more enterprising researchers could easily purchase zero-days and other security services using Monero.
At this point, the seedier parts of the Internet have co-opted Monero for its inherent privacy. While legitimate use cases clearly exist, from an IT perspective, Monero doesn’t have value just yet. To be safe, you’ll probably want to block the Monero wallet and associated software. It runs on ports 18080 and 18081 for the main network, and ports 28080 and 28081 for the testnet. You’ll want to block or at least monitor traffic on those ports. Advise your business partners to use it under the direct supervision of your finance and legal teams. Cryptocurrencies do remain legal in the US and many other countries. However, Monero’s negative association with illegal activity means you should pull in the right people whenever transacting with cryptocurrencies. Just be safe and make sure you cover your bases.
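One way to do the monitoring described above, as an added example that is not part of the original post: a Python script that scans flow records for the four ports listed and reports which internal hosts are involved. The log format, the RFC 1918 definition of "internal", and every sample record are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Ports as listed in the post: main network and testnet.
MONERO_PORTS = {18080: "mainnet", 18081: "mainnet", 28080: "testnet", 28081: "testnet"}
# Assumption: "internal" means RFC 1918 space; adjust to your own ranges.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample flow records (not real traffic), hypothetical format:
# timestamp src_ip src_port dst_ip dst_port proto bytes
SAMPLE_FLOWS = """\
2024-01-01T10:00:01Z 10.0.4.17 51544 203.0.113.50 18080 tcp 48211
2024-01-01T10:00:09Z 10.0.4.17 51560 198.51.100.7 18080 tcp 51877
2024-01-01T10:01:30Z 10.0.9.3 18080 192.0.2.10 443 tcp 1200
2024-01-01T10:02:12Z 10.0.7.22 40112 10.0.4.17 18081 tcp 930
2024-01-01T10:03:45Z 10.0.2.8 44321 203.0.113.99 28080 tcp 15002
2024-01-01T10:04:00Z 10.0.2.8 53 malformed
"""

def is_internal(ip):
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in INTERNAL_NETS)

def find_monero_flows(text):
    """Return {internal_host: {"networks": set, "peers": set, "flows": int}}."""
    hits = defaultdict(lambda: {"networks": set(), "peers": set(), "flows": 0})
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 7:
            continue  # skip malformed records instead of crashing
        _, src, _sport, dst, dport, _proto, _bytes = parts
        # Match only the destination (service) port: a client's ephemeral
        # source port can equal 18080 by coincidence (third sample record).
        if not dport.isdigit() or int(dport) not in MONERO_PORTS:
            continue
        # Attribute the hit to each internal endpoint: client and/or listener.
        for host, peer in ((src, dst), (dst, src)):
            if is_internal(host):
                hits[host]["networks"].add(MONERO_PORTS[int(dport)])
                hits[host]["peers"].add(peer)
                hits[host]["flows"] += 1
    return dict(hits)

if __name__ == "__main__":
    for host, info in sorted(find_monero_flows(SAMPLE_FLOWS).items()):
        print(host, sorted(info["networks"]), sorted(info["peers"]), info["flows"])
```

A host that shows up both as a client and as a destination on these ports, like 10.0.4.17 in the sample, is likely running the software rather than just reaching it, which makes it the first machine to check.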
What do you think about Monero? Like it, dislike it? What use cases can you imagine?
Secure Compliance Solutions LLC (SCS) provides a wide range of CISO advisory consulting and managed security services to small- and medium-sized businesses. We help our clients navigate the increasingly complex world of cybersecurity, from advising executives on long-term cybersecurity objectives to training analysts and engineers on emerging trends and threats. With industry experts in cybersecurity policy and regulations, compliance, and system hardening and monitoring, SCS can help businesses address any cyber threats out there today, whether small or large, internal or external. We champion a strategy of readiness and resilience. No matter the threat, SCS can and will protect against it.