The use of government devices for self-enrichment is illegal: USMC bans cryptocurrency

[ad_2][ad_1]

Last month, the United States Marine Corps banned the use of cryptocurrency mining applications, along with similar apps, on mobile devices used by the government. The issue involved a “privacy and security concern,” according to an administrative message from Marine.

According to some accounts, bitcoin and other so-called cryptocurrencies are the wave of the future. They are a decentralized form of digital money that allows people to make confidential transactions and can be used in international trade. For others, including most Western governments, decentralized currency could be a serious concern because it could be used for money laundering and is not supported by any government. Owning bitcoin could also be problematic for a security clearance holder.

Background about Crypto

In most cases, the currency is “digitally mined,” which according to some opponents of the technology is little more than money created out of thin air. However, mining involves solving complex math / computational problems, which allows the miner to chain blocks of transactions and, for this service, miners are rewarded with a newly created cryptocurrency. This mining involves considerable computing power and an extremely powerful computer – which must be kept cool to prevent it from overheating and freezing – which can take 10 minutes to produce a single bitcoin. For an average computer it may take months to achieve the same result, which is why some miners outsource part of the computer to other devices.

Unauthorized apps

Additionally, Marines are now prohibited from having gaming platforms, dating or gambling on their government-provided mobile devices. The note told the Marines to delete any apps from personal devices that the US government deemed a risk.

While many cryptocurrencies require high processing power, less popular “coins” with smaller networks can be mined more easily on individual devices, including laptops and even cell phones. In addition to the malware-related concerns, one factor is that individuals would continue to use government resources for personal gain.

“It is inherently illegal to use government resources for self-enrichment, making me wonder why they think they need a specific ban and whether we will see an imminent ban on using government vehicles for Uber racing, which would obviously be illegal,” explained the technology analyst Rob Enderle of the Enderle Group.

“Not that there would have been any attempts, but this ban suggests that these resources were not properly monitored or protected,” Enderle told ClearanceJobs. “It also suggests that someone in power was arguing it wasn’t specifically prohibited, hence the new rules, but, as noted, using government resources for personal enrichment is inherently illegal, so the story behind this rule change would suggest that someone at a high level was doing this. It has implications for both security and theft of government property. “

Widespread problem?

The very fact that the USMC is only now taking action on this may suggest that the problem was not that widespread.

“I would be shocked if more than an insignificant number of Marines were even aware that they had such apps installed,” suggested Jim excluded, an associate professor of computer science at the University of Maryland.

“It is not typically end users who receive revenue,” he told ClearanceJobs. “The value of cryptocurrency is based on calculating that it remains expensive, very expensive. Most of us don’t have personal machines powerful enough to make a difference, but the government does. A malicious operation produces value by injecting malware into thousands of machines. unaware users and absorbing these resources over time “.

This has already been a problem and in 2018 it was reported that thousands of websites, including many run by government agencies in the US and UK, were infected with code that caused secret cryptocurrency mining in web browsers. total, more than 4,200 sites were infected with malware known as Browsealoud.

“Usually this is done by malware, which means that a successful exploit offers access to all kinds of other malicious activity,” added excluded.

Privacy / Security Issues

The other problem is that despite the fact that the currency is decentralized; actual extraction can be monitored and tracked. Mining software could be used to spy on an individual.

“It is not so much that a user profits in some way, rather it is that these apps represent security gaps that can endanger staff,” said Larousse. “A harmless looking app that consumes resources in the background is a spectacular proxy for malicious actors to monitor DOD activities. If an opponent regularly receives simple behavioral data from apps that have been installed on Corps resources intentionally or inadvertently, aggregation telegraphs a lot about Corps activity and movement. “

While no opponent can openly persuade a Marine to bring a tracking beacon into a fight, as it would make him a target, malware via a mining tool might be best.

“Throwing some cryptocurrencies around is a cheap way to buy ‘information’ that you couldn’t win directly on the battlefield,” excluded told ClearanceJobs. “We remember the Fitbit experience. The location information and operator training was tracked by foreign actors until someone realized how much this fitness enthusiast practice was revealing. That was a trivial app. cryptocurrency mining on powerful machines is an order of magnitude greater than visibility. “

[ad_2]Source link