• According to Janet Yellen, the market has not reached the point of becoming a financial stability concern.
• The hearing also brought up the current crypto meltdown that involves the crash of TerraUSD (UST), breaking its $1 stability to fall to nearly zero.

Last year, Jon Cunliffe, deputy governor of financial stability at the Bank of England, stated that the growing crypto industry poses a systematic risk to the traditional financial system. This, therefore, called for a comprehensive regulation to control the market with stablecoins inclusive. In her appearance before the House of Committee of Financial Services, Treasury Secretary Janet Yellen took a different position in response to questions relating to macroeconomic issues.

According to her, the market has not reached the point of becoming a financial stability concern. This was agreed by Rep. Jim Himes (D-CT) who claimed a $2 trillion market is not enough to force a systematic risk designation. Even though she did not point out the exact level the market needs to reach to raise alarm on the financial system concerns, she believes that this could change in the future.

I wouldn’t characterize it as a real threat to financial stability, but they’re growing very rapidly and present the same kind of risks we’ve known for centuries from bank runs.

The US Congress came out with legislation after the 2008 crisis to flag down some large financial entities for posing a financial risk to the country’s economy. Institutions that are recognized can be subjected to a series of oversight which includes the imposition of higher capital reserves on their operation.

Discussions around stablecoins

The hearing also brought up the current crypto meltdown that involves the crash of Terra USD (UST), breaking its $1 stability to fall as low as $0.16. Replying to a question asked by Rep. Himes, Yellen explained that she clearly knows the distinction between Stablecoins like UST which uses financial incentives to stabilize its peg to the dollar, and those backed by a reserve of dollars.

There has also been a discussion around the issuance of the Central Bank Digital Currency. According to Rep. Stephen Lynch (D-MA), the implementation of this will get rid of most of the stablecoins in the market. However, Yellen believes that there could be a huge gap in its implementation as it could pose a privacy risk if the government uses it to monitor people’s spending.

With the issues regarding stablecoins, Commissioner Hester Peirce, also known as the US Securities and Exchange Commission “Crypto Mum” has said that authorities should come up with regulations that allow room for failure.

It’s been one area within crypto that’s really had quite a moment and there’s a lot of stablecoin use and therefore people are thinking down the road if this gets even bigger do we want to have some kind of regulatory framework? We need to allow room for there to be a failure because that obviously is part of trying new things and our framework really does allow for that kind of trial and error. I hope that we will use it for that purpose.

She further stated that regulators must consider all the conversations in crypto as the variation in stablecoins makes it very difficult to come up with a regulatory framework.

• According to the Google Threat Horizon Report, malicious actors are breaking into cloud accounts to mine cryptos.

• The report disclosed that about 86 percent of the 50 recent cases had to do with hackers mining crypto with compromised accounts.

The surge of crypto prices has had a direct correlation with cyberattacks in multiple reports published over the last three years. This has been confirmed by the recent Google Threat Horizon Report released earlier this week. According to the report, the demand for these valuable coins has influenced malicious actors to break into Google Cloud accounts to mine them.

The report disclosed that about 86 percent of the 50 recent cases had to do with hackers mining crypto with compromised accounts.

Malicious actors were observed performing cryptocurrency mining within compromised Cloud instances.

According to the Google Cybersecurity Action Team, two common objectives behind these operations were found to be “traffic pumping” and “obtaining profit.”

The research was meant to “provide actionable intelligence that enables organizations to ensure their cloud environments are best protected.”

The malicious actors were found to be Russian speakers. In addition to secretly mining cryptos, they actively stream live videos promising people to contribute funds to qualify for a giveaway.

The actors behind this campaign, which we attribute to a group of hackers recruited in a Russian-speaking forum, lure their target with fake collaboration opportunities.

The Google report also noted that hackers replace the account name, profile picture, and content with the brand of a renowned crypto exchange or firm to deceive users. Some of the other cyber-threats discovered were malware, spam, launching DDoS, and hosting unauthorized content.

How hackers access these Google Cloud accounts

The report discovered that hackers primarily took advantage of poor customer security practices to get access to the cloud accounts.

Malicious actors gained access to the Google Cloud instances by taking advantage of poor customer security practices or vulnerable third-party software in nearly 75% of all cases.

Interestingly, 48 percent of compromised instances were linked to hackers gaining control over the Internet-facing Cloud instance. Compromised user accounts or API connections were said to either have no passwords or weaker passwords. This subjected the Google Cloud accounts to brute force. It was also realized that the public IP address space was frequently scanned for vulnerable clouds. This was discovered after realizing that in 40 percent of the instances, the time taken to compromise was under eight hours.

Google Cloud customers who stand up non-secure Cloud instances will likely be detected and attacked in a relatively period of time. Given that most instances were used for cryptocurrency mining rather than exfiltration of data, Google analysts concluded the Google Cloud IP address range was scanned rather than particular Google Cloud customers being targeted.

The report suggests that Google Cloud users must use Container Analysis for Vulnerability Scanning and metadata storage for containers. Users are also urged to make use of the Web Security Scanner in addition to using a stronger password and routinely updating third-party software.