Cybersecurity

Winnipeg police get provincial funding to beef blockchain forensics unit

The Winnipeg police service received money from the Criminal Property Forfeiture Fund to provide training through the Cryptocurrency Tracing Certified Examiner course.

Police in Winnipeg, the capital of the Canadian province of Manitoba, will be better prepared to deal with the use of cryptocurrency in cybercrime, thanks to $100,000 Canadian dollars (CAD), almost $78,000, in funding provided by the provincial government.

Provincial Justice Minister Kevin Goertzen on Wednesday said the money from the Criminal Property Forfeiture Fund will be used to put five additional members of the police service through a Cryptocurrency Tracing Certified Examiner training program, as well as to purchase specialized software to trace cybercrime activities such as CipherTrace and Blockchain Forensics.

According to the Manitoba government, cybercrimes have increased by more than 370% between 2016 and 2020. Sargent Trevor Thompson of the Winnipeg police financial crime unit said in a statement:

“As cryptocurrencies have risen in popularity and become more widely available, criminal actors have now migrated into this space and are primarily using cryptocurrencies as the medium to obtain funds from their victims. In order to combat the rise in the use of cryptocurrencies in criminal enterprises, police must adapt.”

Thompson went on to say that his office receives seven or eight reports of cybercrime per day, mostly related to fraudulent investment schemes that take advantage of the victim’s lack of understanding of how crypto works. Many times the criminal organizations involved are located outside Canada. Anonymity is also an issue in crypto-related crimes, he added.

Related: Victorian police to get ‘greater power’ to seize crypto assets from criminals

Thompson told a news conference that the majority of frauds in Winnipeg and throughout Canada are now using crypto in “traditional” romance scams and online employment scams, leading to “life-altering financial losses and emotional distress.”

The Manitoba Securities Commission is also active in the fight against crypto-related cybercrime and has warned the public of a variety of criminal schemes. The Manitoba Criminal Property Forfeiture Fund has distributed more than $20 million CAD, or around $15 million, since its creation in 2009.

The worst places to keep your crypto wallet seed phrase

A look at the best practices and worst hiding places for what could be the most important and wealthy possession in a home: a seed phrase.

Under the mattress, in the seams of a piece of luggage or even rolled into a cigar, what are the worst and best ways for keeping a seed phrase safe? The key to unlocking and recovering cryptocurrency, a seed phrase, should be secured and safe. 

Especially now that prices are low and the crypto tourists have checked out, it might be time for a crypto security spring clean. Security starts with a seed phrase, sometimes called a recovery phrase.

There’s no denying it: Bitcoin and the crypto space writ large are in the clutches of a bear market. Since Do Kwon’s Terra experiment went up in smoke, a crypto contagion has choked the most reputable of exchanges, causing many self-sovereignty advocates to chant, “not your keys, not your coins.”

Indeed, hardly a day goes by that another “trusted” crypto lender freezes customer withdrawals. From Singapore’s crypto lender Vauld to Thailand’s crypto exchange with 200,000 customers, Zipmex, to the world-renowned Celsius exchange, many centralized lending platforms have suffered similar fates, ensuring heartbreaking consequences for customers in 2022.

These circumstances are timely reminders to look after one’s own keys and to ensure they are in a safe place. So, while prices are low and trust in centralized exchanges (places that claim to look after crypto), also hits rock bottom, there is no better time to up the security of one’s crypto assets.

Seed phrases save lives

A seed phrase, sometimes called a private key, is a list of 12 or 24 words forming a mnemonic phrase. Metaphorically speaking, a hardware wallet, or cold wallet, contains these keys providing a convenient way of sending, or “signing” funds. 

If looked after properly, a seed phrase can save lives, as Alex Gladstein, a human rights activist and chief strategy officer at the Human Rights Foundation, often states. For example, if a burglar steals a hardware wallet but not the seed phrase, it’s no critical issue — the seed phrase can be used with a new wallet. If a government or bad actor forces you to flee, the 12 or 24 words can be used anywhere in the world to access Bitcoin (BTC) or crypto funds.

Goldbug and Bitcoin skeptic Peter Schiff once bungled his seed phrase, confusing it for his pin code. That’s the first mistake to avoid. Now, here are some other examples of where not to store a seed phrase.

Open secrets

The couple in possession of the Bitfinex billions in Bitcoin, who stored their seed phrase on their cloud storage account, take the first prize. As Cointelegraph reported, cybercriminals Heather Morgan and her cybersecurity specialist husband, Ilya Lichtenstein, stored their seed phrase on a cloud storage account. As such, the FBI only had to crack their iCloud password to gain access to over $4 billion in BTC at the time of reporting. The lesson here is to not store let your seed phrase on the internet. That means your Evernote notes, in a draft email or even in a low engagement tweet:

Similarly, as Cointelegraph reported, one must never type a seed phrase into a phone. Why? Because, as one Redditor realized, smartphone text prediction could actually guess a seed phrase. Text prediction, while at times useful for tricky spelling or emojis, is counterproductive when it comes to protecting personal wealth.

Although it sounds fitting, a fridge is also not the ideal place for the “cold” storage of cryptocurrencies. A Bitcoin enthusiast replied, “Fridge,” to the question “where is the weirdest place to store a seed phrase?” without explaining whether the seed phrase should be stored inside or on top of the fridge. As it turns out, a nonfungible token (NFT) fan had already stored a seed phrase on the fridge:

Cointelegraph’s editor-in-chief, Kristina Lucrezia Cornèr, suggests that the worst place for a seed phrase to be stored is in bad memory. Indeed, unlike dates of historic battles, car keys or the names of acquaintances from passages of life, a seed phrase should be wholeheartedly committed to memory. 

Among the more creative yet memory-exhaustive methods are memorizing “pages, lines and words from favorite books,” which for one Bitcoiner means storing the seed phrase on pages 100 to 112 of a Harry Potter text. Which one of the eight or more books Harry Potter books is anyone’s guess. Fortunately, there are now nifty ways to memorize a seed phrase. MTC, a Bitcoin educator who thought up the Sats Leger savings device, concocted a way to memorize a seed phrase in just 10 seconds through patterns.

Playing it safe

But, what do the experts have to say about seed phrases? Chris Brooks, founder of cryptocurrency recovery business Crypto Asset Recovery, told Cointelegraph that in his experience, human error can eradicate wealth. People should be more worried about leaving their seed phrase or private keys in paper wallets that can be mistakenly thrown out rather than hackers or scammers. Brooks explained:

“You have a far greater chance of moving to a new apartment and losing your crypto password in the process than you do of getting hacked.”

The Brooks family behind Crypto Asset Recovery operated a “seasonal business,” as in every bull market, such as in 2017 and 2021, the crypto crackers are called upon by crypto enthusiasts who have forgotten their passwords or lost their seed phrases. At one point in 2021, they told Cointelegraph they had up to 150 customer calls in a day. Their one big piece of advice for managing seed phrases is to keep it simple:

“So generally speaking, our security tips are pretty basic. Get a $30 safe off Amazon or, you know, build a little wooden box that’s easily identifiable as a place for secure documents and just store your seed phrases there.”

They suggest putting anything important into that box. That way, whenever “you’re doing spring cleaning or when you’re moving houses, you’re not going to throw it out. You’re not going to shred the paper or something like that.”

Related: NFT, DeFi and crypto hacks abound — Here’s how to double up on wallet security

However, because it’s crypto, those of a physical persuasion may be more inspired to store their seed phrases in some even more creative storage “boxes.” Bitcoin advocate, onthebrinkie 3D printed an adult toy suitable for an OpenDime (like a USB key for Bitcoin) or a seed phrase to be hidden away. The inspiring idea is that if an intruder breaks in, they might steal the wooden box full of important documents, but no one in their right mind would steal a sex toy. 

Solana and Ethereum smart contract audits, explained

What are smart contract audits, how do they work, and how do they benefit the crypto projects who get their code scrutinized? Let’s find out.

Do smart contract audits improve crypto’s image?

Blockchain technology is becoming a bigger part of all our lives — and auditors like Hacken are ensuring that crypto projects put their best foot forward.

Improving the quality of smart contracts helps reduce those unpleasant headlines about major hacks in the press, and boosts the reputation of crypto projects in the public’s eyes.

Once an investigation has taken place, Hacken offers labels to ensure verified projects can declare they’re audited by Hacken on an official website. 

Reports are also attached to a crypto project’s official presence on major websites such as CoinMarketCap and CoinGecko. 

The most common types of contracts that the company interacts with include token, token sale, exchange, ERC-721, swap farming, staking, ERC-20, BEP-20 and reward pool. 

Already a member of the Enterprise Ethereum Alliance and Solana Foundation, Hacken has its sights set on winning a 20% share of the Web3 cybersecurity market by 2024.

Learn more about Hacken

Disclaimer. Cointelegraph does not endorse any content or product on this page. While we aim at providing you with all important information that we could obtain, readers should do their own research before taking any actions related to the company and carry full responsibility for their decisions, nor can this article be considered as investment advice.

And how long do smart contract audits take?

It’s a process that takes several weeks — depending on how quickly a crypto project works.

Hacken says initial audits typically take 2 to 14 days depending on a smart contract’s complexity and size… and if it’s urgent, these investigations can be expedited. Again, for larger protocols, it might take longer — 30 days in some cases.

At this point, a project will be given recommendations on what needs to be fixed — and how quickly these changes are made will depend on them. Auditors like Hacken then offer a remediation check to ensure all of the vulnerabilities have been patched over to a high standard.

How much do smart contract audits cost?

As you might expect, this depends on how complex a smart contract is.

According to Hacken, this can extend to $500,000 for larger projects where there are more lines of code — not least because of the additional engineering hours it’ll take.

The company argues these costs pale into comparison with the economic damage that a smart contract vulnerability can bring.

Hacken cites data showing that, in 2021, 80% of the incidents affecting decentralized applications related to smart contracts — with losses hitting $6.9 billion.

Breaking this down even further, and we can see that the average cost per project stands at $47 million. Somehow, $500,000 looks a lot less expensive now. 

Overall, 60% of its clients have been based on Ethereum so far in 2022.

And here’s the difference it can make — after an audit, at least one critical bug was uncovered in 80% of projects. But Hacken says just 75% have fully acted on an audit report in the past — with the remainder ignoring the conclusions, or only taking a small number of recommendations into account. As a result, they had a lower security score.

How do smart contract audits benefit crypto projects?

Audits are vital for ironing out any kinks in a crypto project, and ensuring code is ready to be used by the masses.

Hackers were responsible for stealing $1.3 billion in 78 incidents across the first quarter of 2022 alone, and two-thirds of these attacks were on the Ethereum and Solana blockchains.

But what causes certain projects to be targeted… and how could a smart contract audit have helped them? 

Well, common reasons include crypto projects prioritizing speed — and failing to factor in time for a comprehensive audit from a dependable provider. 

They may also rely on their own in-house teams to perform security checks. And although this looks financially sensible, there’s a danger that internal staff may not be up to date on the latest hacking techniques used by malicious actors.

Inevitably, some will also believe that they are too good to fail. But complacency is enemy number one in the crypto space, and even the finest projects can fall victim to a hack.

Are Solana smart contract audits different?

Smart contract audits will vary slightly depending on the blockchain code is based on.

Common security vulnerabilities on Solana can include missed ownership checks, meaning attackers can use fake configurations to bypass access controls.

And while smart contracts can call functions from external smart contracts, validation failures could mean black hat hackers get an opportunity to supply malicious inputs that affect how the code operates.

Top auditing firms will access a Solana smart contract based on documentation quality, security, architecture quality and code quality. Vulnerabilities are assigned a severity level too, meaning business-critical issues can be tackled first.

How does an Ethereum smart contract audit work?

The best security firms will put code through stress tests to see how they perform in a range of scenarios.

Experts say it’s important for a project to provide a complete and clear technical specification — and ideally, offer documentation of the deployment process.

These audits aren’t just about uncovering issues that black hat hackers could take advantage of, but flaws that could stop an Ethereum smart contract from working correctly.

The attack vectors being scrutinized can get rather technical — but they include replay attacks, where valid data transmissions are repeatedly made by malicious actors in order to execute fraudulent activities. Others include reentrancy attacks, reordering attacks and short address attacks.

Once an investigation has been completed, crypto projects receive a detailed report of the vulnerabilities within their code — alongside recommendations on how to mitigate their impact, or eliminate them altogether. 

As a result, the resources saved through an effective audit can far outweigh the cost… and it can avoid reputational damage, too.

What is a smart contract audit?

Smart contract audits involve scrutinizing the code of crypto projects — highlighting security vulnerabilities.

Smart contracts are a crucial cog of the crypto ecosystem — and they’ve unlocked a plethora of use cases for blockchain technology.

But for developers who are furiously writing code, safety needs to be a number one priority. Smart contract exploits can put user funds at risk, and we’ve all seen headlines of high-profile hacks where eye-watering sums of money were lost.

An audit allows an independent organization to kick the tires of a smart contract, and detect vulnerabilities before they’re spotted by malicious actors. This can help crypto projects to achieve credibility, all while giving users peace of mind. Audits are typically done before smart contracts are deployed, as they can be difficult to fix once uploaded to a network.

Smart contracts are commonly found on blockchains including Ethereum and Solana.

WEF introduces cyber resilience framework, index to increase organizational security

The international organization looked at ten cybersecurity frameworks as it created its comprehensive version with six principles and numerous best practices.

The World Economic Forum (WEF) released a white paper on cyber resilience Thursday in which it introduces the organization’s Cyber Resilience Framework (CRF) and Cyber Resilience Index (CRI). The document, prepared in collaboration with professional services company Accenture, followed the WEF’s Global Cybersecurity Outlook, published in January.

The Global Cybersecurity Outlook found that only 55% of cyber leaders considered cyber resilience to be integrated into enterprise risk-management strategies. In response, the industry-agnostic CRF considered existing frameworks to establish six principles with associated best practices and sub-practices. Those, in turn, provided 64 performance measures that inform the CRI.

“The working group to develop the CRI brought [together] more than 50 executives from [the] public and private sector and worked for a year,” WEF Centre for Cybersecurity lead Algirde Pipikaite told Cointelegraph by email. “We hosted eight workshops, one-on-one consultations and gathered written feedback from the community.”

Related: Chainalysis launches reporting service for businesses targeted in crypto-related cyberattacks

The white paper stressed the interdependence of risk in the Fourth Industrial Revolution — the designation given by WEF founder Klaus Schwab to the changes being brought about by emerging technological advancements. It stated:

“The Fourth Industrial Revolution means that systemic interdependence is both the risk and the reward of the opportunity, because value and impact on the future are exponential rather than cumulative, and every day counts.”

The WEF estimated Fourth Industrial Revolution the will create $100 trillion of additional value for the world economy by 2025.

“We envision that the CRI will become widely accepted by the industry and the first pilot is currently running with the Oil & Gas community,” Pipikaite said.

The next steps for increasing cyber resilience, according to the white paper, are establishing common cyber resilience performance indicators, measuring the causation and correlation within and between ecosystems, and calculating centrality to determine if and how some members carry greater weight in ecosystem resilience.

Other organizations have tackled resilience issues as well, including the Atlantic Council and the International Monetary Fund.

Infamous North Korean hacker group identified as suspect for $100M Harmony attack

A new report suggests that a notorious North Korea-affiliated hacking group may be behind last week’s $100 million Harmony attack.

The Lazarus Group, a well-known North Korean hacking syndicate, has been identified as the primary suspect in the recent attack that saw $100 million stolen from the Harmony protocol. 

According to a new report published Thursday by blockchain analysis firm Elliptic, the manner in which Harmony’s Horizon bridge was hacked and the way in which the stolen digital assets were consequently laundered bears a striking resemblance to other Lazarus Group attacks.

“There are strong indications that North Korea’s Lazarus Group may be responsible for this theft, based on the nature of the hack and the subsequent laundering of the stolen funds.”

Additionally, Elliptic outlined exactly how the heist was executed, noting that The Lazarus Group targeted the login credentials of Harmony employees in the Asia Pacific region to breach the protocol’s security system. After gaining control of the protocol, the hackers deployed automated laundering programs that moved the stolen assets late at night.

Elliptic also noted that the hackers have already transferred over 40% of the $100 million to Tornado Mixer, an Ethereum-based “mixing service” that obscures transaction data and makes it extremely difficult for investigators to trace the movement of funds.

Initially, the Harmony team offered up a $1 million bounty as an incentive for the hackers to return the funds. However, on June 29, Harmony upped the bounty to $10 million and claimed that a full return of funds would end the investigation and no further criminal charges would be pursued.

The $600 million Ronin bridge hack, which occurred in April, has also been linked back to The Lazarus Group. Due to current market conditions, the value of the stolen Ether (ETH) has plummeted more than 60% down to $230 million.

A recent report from Coinclub.com indicates that North Korea has deployed 7,000 full-time hackers to raise funds through cyberattacks, ransomware and crypto protocol hacks. North Korea is the world leader in cryptocurrency-related crime, with over 15 documented instances of cyber theft amounting to roughly $1.59 billion in stolen funds.

Related: Harmony hacker sends stolen funds to Tornado Cash mixer

Harmony’s Horizon bridge is the latest addition to a growing list of token bridges that have been attacked, including Meter, Wormhole and Ronin, bringing the total amount of bridge token-related theft to a little over $1 billion in 2022 alone.

The largest token bridge to be hacked was Poly Network in 2021, which lost $610 million, almost all of which has since been returned.

Atlantic Council looks at how to maintain central bank digital currency cybersecurity

The thinktank looked at the interplay of performance, security and privacy in possible CBDC designs and made recommendations for optimizing it.

The U.S. thinktank Atlantic Council released a report Wednesday on cybersecurity issues related to central bank digital currencies (CBDC). The authors provide a generalized discussion of CBDC security, but with a clear focus on the United States and issues specific to it.

They determined that the security risks presented by a CBDC depend heavily on its design, with performance, security and privacy being balanced variously in different designs. The report looked at six design options, only three of which are being considered or deployed in real life.

Privacy was identified as the main risk from a CBDC for consumers. In some designs, a CBDC could store a record of user activity and transactions, leading to the risk not only of thetheft of funds but also the theft of users’ personal information. The report says that:

“A CBDC could contain large volumes of personally identifiable information ranging from what prescription drugs you buy or where you travel each day.”

Reduced regulatory oversight was seen as a risk from the introduction of a CBDC of any type as well. Nonetheless, increased privacy can enhance security, the report said, while still providing “some level” of regulation. The Fourth Amendment to the U.S. Constitution, protecting against unreasonable search and seizure, should apply to the CBDC ledger, the report noted, forcing prosecutors to obtain a court-issued warrant before accessing it.

Related: ‘CBDCs are the natural evolution,’ says HyperLedger director Barbosa

The report provided a range of recommendations for the design of a CBDC. It emphasized that the current system of wholesale and retail payment systems faces significant and complex risks, many of which are the same as a CBDC would face and recommended using existing security systems to safeguard CBDCs when possible.

The fast recovery of payment volumes on Fedwire, the U.S. Federal Reserve’s domestic funds transfer system, after the attacks on September 11, 2001, which knocked out critical infrastructure, was cited as evidence of the system’s resilience. The hacking of the Bangladesh Bank in 2016 was held up as an example of the vulnerability of the public-private wholesale payment system as a whole.

The report also summarized the 20 pieces of CBDC-related legislation now before the U.S. Congress.

OpenSea announces new security features to protect users from NFT scams

The new feature will automatically hide suspicious NFT transfers from view on their marketplace.

One of the most popular crypto startups, OpenSea, has recently come under fire for stolen and plagiarized nonfungible tokens (NFTs).

In light of the growing number of NFT scams, OpenSea has announced the launch of a new feature that will automatically hide suspicious NFT transfers from view on their marketplace. This will help to protect users from being scammed and ensure that only legitimate transactions are visible.

According to a blog post on Monday, the new feature will automatically conceal suspicious NFT transfers to address key concerns around trust and safety on OpenSea.

OpenSea has recently been focusing on enhancing trust and safety on the platform. The NFT marketplace will make substantial investments in a variety of important areas for trust and safety, including theft prevention, IP infringement, scaling review and moderation, and reducing critical response times in high-touch settings, as per a recent blog by the project’s co-founder and CEO Derin Finzer.

Furthermore, OpenSea has established a special moderation team to handle review and moderation. For copyright concerns and other fraud vectors going forward, it will use “critical auto-detection” technologies. According to Finzer, removing these types of items from the platform will improve its overall performance. It will also prevent unsolicited advertisements and fraudulent items that may be found on open blockchains from being seen on OpenSea.

On Teusday, the OpenSea CEO tweeted that it’s possible to get NFT transfers from individuals you don’t know, just as with receiving an unwanted email, adding that:

“Recently, we’ve seen scammers use these transfers to entice people to click links to malicious 3rd party sites. Our latest Trust & Safety release helps prevent this new scam.”

The latest OpenSea safety measures arrive as demand for NFTs is cooling down, and the cryptocurrency market is in a downward spiral. The flourishing economy is no longer being overlooked by U.S. law enforcement, as evidenced by the arrest of Nathaniel Chastain, a former product manager at OpenSea who was charged with wire fraud and money-laundering offenses.

Related: Targeted phishing scam nets $438K in crypto and NFTs from hacked Beeple account

In 2021, when the NFT boom got underway, business at OpenSea increased dramatically. However, frequent hacks and fraud have left many investors dissatisfied with the platform’s efforts to compensate victims and combat theft.

Chainalysis exec touts blockchain analysis to Senate homeland security committee

Three experts from the private sector appeared before the Senate committee Tuesday to talk about ransomware attacks and how to combat them.

The collection and processing of information was a major theme at the United States Senate Committee on Homeland Security and Governmental Affairs (HSGAC) hearing titled, “Rising Threats: Ransomware Attacks and Ransom Payments Enabled by Cryptocurrency” on Tuesday. The committee hosted a panel of private-sector experts who discussed the problem of ransomware attacks and the challenges of collecting and using the information necessary to fight them. 

Committee chair Gary Peters of Michigan, who introduced the Strengthening American Cybersecurity Act in February, said the government lacks sufficient data even to understand the scope of the threat posed by ransomware attacks. Attackers almost exclusively ask for payment in cryptocurrency, he added.

Several figures were trotted out to quantify the problem. Chainalysis head of cyber threat intelligence Jackie Burns Koven said the company had identified a record $712 million paid to attackers in 2021, with 74% of the money going to threat actors in Russia or with links to Russia. The average payment was $121,000, and the median payment was $6,000. Attackers often use a Ransomware-as-a-Service business model.

Related: Making crypto conventional by improving crypto crime investigations worldwide

Ransomware is a form of extortion, and it existed before cryptocurrency, Institute for Security and Technology chief strategy officer Megan Stifel and Coveware CEO Bill Siegel said. Knowing what information to collect when an attack occurs and how to organize the information is a major challenge for law enforcement, Siegel added.

Information collection often is “a convoluted mess at the worst possible moment,” committee member James Lankford of Oklahoma said. Multiple agencies demand overlapping but not identical data from victims of attack in its aftermath — and then, prosecution of the case could take years. Those factors, along with concerns that the attackers will not release an encryption key if law enforcement becomes involved, explain much of the hesitancy of victims to report attacks.

Stifel suggested that designating a single agency to receive and triage data after an attack would improve information collection, especially if businesses established a relationship with that agency prior to the attack.

Koven said blockchain analysis can provide “immediate insight into the network of wallet addresses and services (e.g., exchanges, mixers, etc.) that facilitate the illicit actor,” in contract to the lengthy processes of traditional financial investigation.

U.S. government sanctions imposed on ransomware actors and their facilitators are highly effective, Koven continued. She pointed to sanctions against Russia-based cryptocurrency exchange Garantex and trader Suex as examples. Money flows “drop to almost zero” after sanctions, she said. In addition, blockchain analysis can track the rebranding of attackers, and Chainalysis has developed technology to track funds through cryptocurrency mixers.

Cybersecurity firm supports Bitcoin ‘mission,’ converts balance sheet to BTC

Octagon Networks, a global cybersecurity company, announced it would adopt a Bitcoin standard, offering half-price discounts for Bitcoin payments.

Another business jumps aboard the Bitcoin bandwagon. Octagon Networks, a global cybersecurity network company with over 20 employees announced on Monday that it had “finished the process of converting its liquid assets and entire balance sheet into Bitcoin (BTC).” 

The group will also “start accepting Bitcoin payments for all of our services, with a 50% discount when paid in Bitcoin.”

Cointelegraph spoke to the Ethiopian cofounders of Octagon Networks, who preferred to remain anonymous. They explained that adopting Bitcoin was driven by a belief in Bitcoin and volition to support the network:

“We are large proponents and believers in Bitcoin. We believe in a truly decentralized form of money that can be transferred at the speed of light.”

They added that the “$25,000 area” could be the bottom of the bear market, while qualifying that the Bitcoin they have accumulated “doesn’t affect our operating costs as everyone who works here is a sole believer in the mission of Bitcoin.”

The team stressed that — contrary to a commonly held belief that adopting Bitcoin is an attack on fiat currency — the group is proud of its Ethiopian roots and continues to use local currencies as well as Bitcoin:

“People are interpreting this as an attack on USD or ETB [Ethiopian birr]. It is neither. We use both daily for our day-to-day lives, our decision about Bitcoin is simply because we believe in the secure distributed network Bitcoin has created.”

Nonetheless, while the volatility of Bitcoin is too much for those in the western world to stomach, Octagon Networks explained that some of its employees choose Bitcoin as their preferred currency. Across Africa, several currencies — especially the CFA franc, a currency in use across 14 African nations — have lost purchasing power while leaving governments powerless.

Related: Why the rise of a Bitcoin standard could deter war-making

Moreover, Octagon Networks told Cointelegraph that within the cybersecurity industry, Bitcoin is well-respected. Over the past decade, Bitcoin has not been hacked, while the hash rate (effectively a network security metric) continues to reach new highs:

“From a cyber security perspective, it makes sense to bet on Bitcoin than anything else.”

Popular Bitcoin maximalists such as Cory Klippsten, founder of Swan Bitcoin, were quick to celebrate another company upgrading its business practices to a Bitcoin standard.

The term “Bitcoin standard” refers to an individual, business or company adopting Bitcoin in a way that puts Bitcoin first. El Salvador, for example, was the first country to adopt a Bitcoin standard.