Cryptocurrency exchanges have substantially grown as the virtual currency marketplaces have transformed the landscape for online payments, investments and banking. As these popular gathering spots for the crypto industry have multiplied, they have raised potential risks, underscoring the need for smart strategies.
A recent survey by the cybersecurity and research company ThreatMetrix identified seven security measures that will be increasingly important for exchanges. The steps include many of the same common-sense measures that cybersecurity experts recommend for other industries, including the identification of potential vulnerabilities, monitoring usage and investing in the right prevention tools.
ThreatMetrix said in the report that it detected and stopped 251 million cyberattacks in the fourth quarter of 2017 – a 50% increase year over year. Cryptocurrency marketplaces, in particular, have experienced a number of fraudulent new account creations. According to the report, one in 10 new accounts is fraudulent.
“Marketplace operators need security technologies in place that protect the full customer lifecycle – setting up an account, logging in to an existing account, carrying out payments – in a way that is non-intrusive for legitimate customers. They must employ invisible protections that do not introduce unnecessary friction for trusted users,” Alisdair Faulkner, chief products officer at ThreatMetrix, told ThirtyK.
7 Security Steps
Security experts offer these key measures exchange operators can take to keep their exchanges and customers secure.
- Implement an effective vulnerability management practice. Vulnerabilities are the initial entry point for a vast majority of successful attacks, so use your vulnerability management system (VMS) to identify them and patch them, Brian Chappell, senior director of Enterprise & Solutions Architecture at BeyondTrust, told ThirtyK.
- Use an Identity and Access Management System. Tie it to your company’s human resources system to automatically create, delete and disable employees’ access to your computer systems and also link it to your privileged password management (PPM) system and security information and event management (SIEM) system, Chappell advises.
- Invest in great monitoring tools. A SIEM collects information on events across all your systems, sends alerts for activities that appear suspicious, and aids in developing a response to those activities, says Chappell.
- Keep firewalls and Web servers patched and up to date. Hackers look to exploit vulnerabilities in these systems, Dean Coclin, senior director business development at DigiCert, told ThirtyK.
- Put an Extended Validation (EV) certificate on your website. This typically shows users a green lock on your website, indicating to a user it is an authentic site and not a bogus phishing site, Coclin explains.
- Conduct a digital identity assessment of all new customers on the exchange. The aim of analyzing users’ digital footprint of their daily online activities is to weed out fraudsters posing as legitimate customers, who would then try to hack into the exchange’s system, Faulkner explains.
- Require users to use strong passwords and two-factor authentication. The second form of authentication can be an SMS text or confirmation email sent to the user, says Coclin.
The majority of successful cyberattacks are due to flaws or vulnerabilities in software that have not been fixed, malicious software that carries a virus or some other form of malware, and phishing attacks that rely on social engineering to dupe users into clicking on a link to download a harmful file or take them to a nefarious website, Chappell says.
Chappell noted most attacks on cryptocurrency exchanges are the result of hackers compromising a workstation or server within the cryptocurrency network.
“It is most likely a system that isn’t even part of the cryptocurrency processing machinery, as those systems are likely to be more intensively secured and monitored against attack. The problem comes when the compromised machine has a vulnerability or privileged user which provides the hacker with privileged access. Once that’s achieved, moving laterally across the network from system to system while looking entirely legitimate (by using a valid privileged user account) becomes relatively easy,” Chappell explains.