“Inca Digital has expanded our work with the Defense Advanced Research Projects Agency (DARPA) to create a free, open-source taxonomy of threats and risks to both the traditional financial system and the cryptocurrency ecosystem. Think of it like a crypto version of the MITRE ATT&CK framework. Led by Anita Nikolich, it will be a first-of-its kind tool to help weed out bad actors across tradfi and defi - and will strengthen the use of crypto globally.”
DARPA taps Inca to map crypto contagion risk
There are many theories out there that say crypto could ruin everything — and now the U.S. has given one firm the nod to study how, Crystal writes.
Why it matters: The same government agency credited with developing life-changing technologies like, GPS, Siri and the internet, is digging in to further its understanding of digital assets.
Driving the news: The Defense Advanced Research Projects Agency (DARPA) awarded a research contract to crypto market data provider Inca Digital, building on a relationship that started last year.
It’s part of DARPA’s small business research effort, Mapping the Impact of Digital Financial Assets (MIDFA), which is exploring advanced methods for identifying and analyzing activity involving distributed ledgers, crypto and other digital assets.
What they’re saying: While DARPA is not involved in forensics and does not have law-enforcement authority, part of its mission “is to prevent strategic surprise, and situational awareness is a critical element to national security,” Mark Flood, DARPA program manager, tells Axios.
“A beneficial side-effect is a better understanding of illicit actors’ behavior,” he said.
Between the lines: Any potential threat crypto might pose to the U.S. financial system also has national security implications.
“Understanding the intricacies, relationships, and interactions between the multitude of players, entities, and geographies can help shed light on the potential impacts of stressors, including those generated intentionally by adversarial nations or groups,” Flood adds.
Zoom in: Understanding the intersection of cyber threats to traditional finance and crypto, is what Anita Nikolich, Inca’s project lead and University of Illinois’ director of research and technology innovation, is working on.
“People talk about contagion, it’s actually very theoretical,” Nikolich said, “What we’re trying to do is show if there is and where.”
For example, “Everybody uses [Amazon Web Services (AWS)],” Nikolich said — both traditional finance and digital assets firms.
“From a national security perspective: We’re physically in places where if [someone] took that out, [they] could have an impact.”
“Crypto digital assets are no longer a vertical that stand on their own. They rely on banking, the internet — and that’s what people should be alerted to: That it’s one combined system and pervasive in everyday services.”
Inca aims to create a taxonomy of risk, studying indicators of compromise.
The language of token drops and airdrops. “The words that are put out there a couple years ago might’ve been ‘make a quick dollar’ now it’s ‘I’ve got a new project’ — a softer sell,” says Nikolich, who in her non-Inca life studies disinformation and social engineering.
Romance scam demographics. Younger, tech-savvy folks were early targets, now those fraudsters are after senior citizens.
The bottom line: “Our goal is that tools developed under MIDFA will support industry and government in maintaining safe and secure markets,” Flood said.