Cryptocurrency Investors Up Personal Security Measures After Series of Violent Kidnappings Targeting Their Peers
Cryptocurrency investors are reassessing their security posture after a string of kidnappings targeting their peers over the past six months.
This week the New York Police Department arrested William Duplessie, 32, and John Woeltz, 37, who were subsequently charged with the alleged kidnapping and assault of a 28-year-old Italian national to gain access to his cryptocurrency fortune.
“Authorities said Duplessie and Woeltz lured the victim into an eight-bedroom townhouse in Manhattan’s Soho neighborhood, one of the most expensive in the city, on 6 May to steal his Bitcoin fortune,” the Associated Press reported. “Over the next 17 days, the man told police he was bound by the wrists, shocked with electrical wires, pistol-whipped, cut on the leg with a saw, and forced to smoke from a crack pipe. At one point, he said, he was dangled from the home’s topflight of stairs.”
The victim was able to escape his kidnappers after agreeing to give them his password to access his accounts. He then fled outside while they were distracted and flagged down a traffic agent to alert the authorities.
James Wiggins, vice president of client risk management at Global Guardian, says that this New York attack is bizarre since it appears to have been perpetrated by colleagues that knew the victim.
“They knew he would be able to identify them and their location, so he was lucky to have been able to escape—the end game would have been bad,” Wiggins adds.
Wrench Attacks 101
These attacks are known as wrench attacks, or physical assaults targeting people who own or handle large amounts of cryptocurrency to steal their digital wallets or private keys to gain access to their fortune.
Wiggins says that the first wrench attack he recalls hearing about was the 2014 attempted extortion of early Bitcoin adopter Hal Finney in Santa Barbara, California.
“This was a very targeted and personal attack to rob Hal using physical threats,” Wiggins explains. “More recently, as the maturation, value, and media coverage of crypto currencies has increased, it has naturally attracted the attention of a growing number of criminals and bad actors. Criminals have figured out that they can rob an individual person with the same potential financial haul as robbing a brick-and-mortar bank with a lot less risk.”
Instead of casing a physical building, for instance, these criminals are reviewing social media and online information to identify potential victims with a high-reward-to-risk profile.
“If they rob a random person on the street using a physical threat, they may obtain several hundred dollars and a credit card,” Wiggins adds. “If they can successfully identify, target, and attack a cryptocurrency holder, for the same risk of being caught, they can potentially obtain millions of dollars.”
Why are we seeing an uptick in wrench attacks now? With the rise of social media alongside the cultural and media profiles of those who have seen success with cryptocurrency and may want to educate the public about the technology or flaunt their wealth, it is now easier for criminals to identify potential lucrative targets, Wiggins adds.
And it’s not just the cryptocurrency owners who are vulnerable. French authorities arrested 24 people this week who are suspected in two kidnappings for ransom that targeted cryptocurrency investors and their families.
In the first incident, the kidnappers allegedly held a crypto millionaire’s father hostage and cut off one of his fingers to force his son to pay a ransom of several million dollars. The other incident involved the attempted kidnapping of the daughter of Pierre Noizat, CEO of cryptocurrency exchange platform Paymium.
What stands out about these incidents is that they appear to be “based on media casing of high-profile personalities who had established living patterns and had their private family or residence information exposed, creating an opportunity for the assailants,” Wiggins says.
These wrench attacks followed other high-profile incidents targeting cryptocurrency holders and executives in France, according to the Organized Crime and Corruption Reporting Project.
“Earlier this year, in a similar case to the kidnapped father, French police arrested 10 individuals for kidnapping David Balland, the co-founder of the cryptocurrency exchange Ledger, and his wife,” the project said. “The couple was rescued within 48 hours of being kidnapped from their home, after which the kidnappers took them to two separate addresses. While he was held captive, Balland’s kidnappers mutilated his hand and demanded a ransom in cryptocurrency from Ledger co-founder, Eric Larcheveque.”
Security Response
In response to the uptick in wrench attacks, France is stepping up security for cryptocurrency executives. French Interior Minister Bruno Retailleau met with executives in early May to discuss the kidnapping attempts and mitigation measures.
“These serial kidnappings affecting professionals in the crypto sector will be combated with specific tools, both immediate and short-term, to prevent, deter, and hinder in order to protect the industry,” Retailleau said in a statement translated by Google. “The entire state apparatus is fully mobilized to find the perpetrators and sponsors of this violence and put them out of harm’s way.”
Some of these security measures include:
- Providing priority access to emergency numbers and security consultations by officers of the national police and gendarmerie (a military-style police force) for home security of crypto sector professionals and their families.
- Security briefings from the gendarmerie, the RAID (Search, Assistance, Intervention, Deterrence) unit of the national police, and the Anti-Gang Squad of the national police.
- Creating a dual point of contact for emergencies related to cyberspace that connects with the command of the Ministry of the Interior in cyberspace.
- Training police officers and gendarmes on crypto assets laundering.
Several clients have also reached out to Global Guardian in the wake of this week’s arrests about mitigation measures that cover cyber, digital, and physical security.
“Since many have begun physically segregating their cryptocurrency from online access to physical storage, their residences and offices now need sophisticated security,” Wiggins says. “When they travel, they do not want to be exposed to threats, so they are requesting secure transportation, executive protection, and assessments of their social media profiles and any potential threats against them.”
For those with an existing executive protection program, Wiggins adds that it should be assessed to address wrench attack risks that will be unique to each cryptocurrency holder. Additional mitigation measures might include realistic threat assessments, social media monitoring, digital scrubs and monitoring, and effective cyber defenses.
“In daily life, break identifiable patterns, do not telegraph your location on social media, avoid pre-posting travel plans, and have a plan,” Wiggins says. “If threats are probable, then a more defensive posture should be considered. That might include executive protection, secure transportation, technical countermeasures, and tracking and monitoring. The key to success is to develop a bespoke plan that matches the person’s personality and lifestyle.”
While this is an attack method that targets individuals, there are potential corporate risks to consider.
“What if the criminal doesn’t have to wrench attack the executive or the cyber personality, but only must identify an employee or associate with access to cyber currency assets to wrench attack or coerce?” Wiggins asks. “It then becomes a type of insider threat. Then the concentric circles of security must expand to include providing employees with resources and training to protect both themselves and corporate assets.”
These measures are especially important for individuals who have already publicized their ownership of large amounts of cryptocurrency, Wiggins says.
“Three immediate steps for the individual and the family would be to immediately stop publicizing their cryptocurrency holdings, limit social media exposure and public postings, and have personal identifying information taken down from public sites through a digital personal protection plan.”
For those who have cryptocurrency assets but have kept that information private, Wiggins says to keep it that way.
“But have a plan in case someone inadvertently or purposefully exposes your cryptocurrency holdings,” Wiggins adds. “Use strong passwords and multifactor identification (MFI) to provide an additional protection layer for passwords, limit public exposure on public social media, and have a social media plan for the family, which could include agreeing what to share and what not to post on vacation until after the trip.”
