Small business owners are furious this week after yet another fraudulent PPP (Payment Protection Program) loan application was discovered. The program, which was originally conceived to protect small businesses with providing federal loans, was a part of CARES (Coronavirus Aid, Relief and Economic Security) Act, which was passed by Congress in March.

The application came from Houston resident Lola Shalewa Barbara Kasali (22) for almost $2 million. Kasali claimed she owned two small businesses – Lola’s Level and Charm Hair Extensions – and applied for two separate loans to cover her alleged employees and payroll expenses.

After receiving $1.9 million in loans, Kasali transferred the money to various other bank accounts. She was charged with fraud earlier this week.

Unfortunately, cases of PPP fraud are rampant, meaning that the funds allotted for struggling small businesses in the time of COVID-19 are being misused. While it’s easy to call out individuals who are scamming the system, we are seeing that everyone – even the rich – are trying to get a piece of this pie.

In April, fast casual giant Shake Shack returned their $10 million PPP back to the government in what many saw as a media stunt. Why did a multi-billion-dollar company apply to a program meant for small businesses anyway?

The same can be said about the Los Angeles Lakers. Yes, the team does employ under 300 individuals. But do the wealthy members of a professional basketball team really need additional funds while the rest of the working class suffers?

Additionally, over 10,000 PPP loans were mistakenly dispersed to businesses that had already received a loan or those who were excluded from the program for various reasons.

Initially, the SBA put $349 billion into the program. Due to extremely high need – and many cases of mismanagement or fraud, like those mentioned earlier – the funds went in a flash. Though the SBA did replenish the Paycheck Protection Program with an additional $310 billion in April, the program expired on August 8th. And currently there is no solid plan to extend it, leaving small businesses to fend for themselves.

Another factor to consider regarding the faults of Payment Protection Program is the inherent discrimination. Experts say that, because of how the program is structured, more than 90% of businesses owned by women and people of color are or will be excluded from receiving funds from PPP. Our best bet for the time being is to help each other on a community level as much as we can.

Small businesses account for around 44% of U.S. economic activity, according to USA Today. Finding a way to buoy them up now is crucial to their survival. We cannot afford to lose the 58% of small businesses who say they may go under forever.

Short of in-person shopping, how can we as consumers, help? Consumers can now help through smallunites.org, an organization pulled together to share several ways to support small businesses.

The Small Unites platform also provides ways for small business owners to connect with helpful resources, including business and marketing advice. In a surprising twist, the entities tossing this lifesaver to small businesses at risk of sinking are larger companies, including Capital One, HundredX, GoFundMe, the National Urban League, and Ogilvy, among others.

Six months after the COVID-19 shelter-in-place orders were issued in the U.S., many small businesses are still struggling to stay afloat. Some are still operating through curbside or online orders only. Others are operating with a reduced capacity, limiting the number of people in their stores at any given time.

The PPP funds have been spent, as have stimulus checks, and many people are watching their budgets. Despite wishful thinking and finally some success with mask wearing, we are nowhere near a full reopening in this country. Even if it were allowed, the majority of people are still social distancing as much as possible and are finding other ways to shop – mainly online.

GoFundMe has a platform to donate money directly to a specific small business for those who can afford to. Consumers may also make a tax deductible donation to the overall fund that distributes the money through small business grants, such as the Small Business Relief Fund via GoFundMe. This money will be sent out in $500 grants to small businesses who apply and qualify.

Some people want to help but are also strapped for cash. Small Unites has come up with a way to contribute without spending or donating money. With HundredX, consumers write a review of a small business on the HundredX platform. HundredX will then donate $2.00 per review to programs in conjunction with the National Urban League to programs supporting minority-owned businesses. Each contributor is able to write up to 50 reviews for a grand total of $100.00 per person. HundredX will continue to donate per review, up to their $1M program cap.

Small business owners, things may look bleak from where you’re sitting. I urge you to seek out some of this support, provided at no cost to you. In addition to perhaps the most urgent need, money, Small Unites also provides tips and guidelines from Ogilvy to businesses that sign up for the program.

These tips include marketing, social media, and communication advice. The Small Unites website also has a “Shop” section to locate small businesses in the immediate area where consumers can shop right now.

The U.S. can’t afford to lose its small businesses. These are often unique places infused with the owner’s passion. Small businesses often support local economies, too, providing a marketplace for local makers, farmers, and other creative people. They are vital businesses, often representing the beating hearts of our communities.

For the skeptical among us, of course Capital One, GoFundMe, and the rest are going to get PR brownie points for this. That doesn’t make the assistance any less significant to saving our small businesses. Motive matters, but let’s not starve on principal. It makes no sense. Someone at these large institutions must also realize that it’s the many small businesses out there that contribute 44% of our economic activity.

Helping the mom-and-pop shops isn’t merely a publicity stunt. It strengthens our economy as a whole. This lifeline also has the ability to strengthen morale and restore hope when they are in short—or at least inconsistent—supply. Knowing that a favorite business is managing to stay afloat amid turbulent waters buoys our spirits.

Small businesses, go sign up for all of the Small Unites assistance! Everybody else, let’s all pull together, with the help of these big corporations, to try and save our small businesses. We need them for our economy. We need them for our mental health. We need them, period.

At some point in our life, we’ve all lost or misplaced something. I’ve misplaced my phone and keys more times than I can count. They always have a way of finding themselves between the couch cushions. But have you ever lost the private keys to access your $300,000 worth of bitcoins? Neither have I. However, this is exactly what happened to a very unlucky man.

Last month, Defcon’s 28th annual event took place. The event is the most influential security hacking conference held in Las Vegas. Michael Stay, a reverse engineer and current CTO for Pyrofex Corp, shared the story with attendees. He started his presentation by saying, “And today I’m gonna to tell you about how we recovered several hundred thousand dollars worth of Bitcoin from an encrypted zip file.”

About twenty years ago, Stay published a cryptanalysis paper detailing how to break into encrypted zip files. This paper led an anonymous Russian investor to find Stay and send him a surprising message on LinkedIn. “So in October of last year, a guy contacts me out of the blue and says, “I read your paper on known plaintext attacks, and I’ve got this password that I’ve forgotten. Is there anything you can do to help?”” Stay said.

In 2016, the investor purchased $10,000 worth of bitcoins and placed the private keys in an encrypted zip file. After the Bitcoin boom, the purchase proved to be a great investment. There was just one slight problem: He forgot the password and had no way of accessing the Bitcoins.

After stumbling on Stay’s old cryptanalysis paper, he hoped Stay would help him break into the zip file and recover the lost keys. When Stay looked into the case, he soon realized this would be a difficult task. The attack he had written years ago needed five files to break into the zip file. This man only had two files in the archive.

With only two files, this would take Stay a lot of time and money to find a solution to the problem. After doing some calculations, he told the guy it would cost him around $100,000 to attempt to recover the keys. He simply couldn’t use regular “off-the-shelf software” to get this done.

The man agreed without hesitation. Stay’s mind was blown away with his response. “I knew he probably had several hundred thousand dollars of Bitcoin in this thing,” he said. The pressure was on!

To break-in, Stay enlisted his business partner, Nash Foster. Foster helped adapt his CPU based attacks to run on GPUs, and they rented a GPU farm. “Our initial expectation was we would do engineering for a couple of months, and then the attack would have to run for several months to succeed,” Foster told WIRED.

Four months after the initial LinkedIn message, they began the attack. “We had tried it in all our test archives that we’d created. It worked fine,” Stay said. They were hopeful. “Ten days passed, and it didn’t find a key. And we were distraught, pulling our hair out. What have we done wrong?” Stay asked himself.

After combing through the data, the investor, who is a programmer himself, discovered a bug in the GPU. Once Stay and Foster fixed the bug, they were able to restart their attack. Within a day and a half, they found the three keys they needed to decrypt the archive.

In the end, the improvements made to Stay’s old attack made a significant difference. Instead of the $100,000 and year of processing time that Stay estimated it would take, they were able to do it for less than $10,000 in two weeks of processing time.

“Our client was very pleased and gave us a big bonus! And that’s how we recovered his Bitcoin folder,” Stay said.

According to a 2017 research by analysis company, Chainanalysis, nearly 400 million Bitcoins are already lost. Although Bitcoins have no physical form, they can still be lost. Forgotten private keys and passwords, and discarded and lost devices account for this high number.

The Russian investor wasn’t so unlucky after all!