Ray Pompon, Principal Threat Research Evangelist, F5 networks
Hackers have a soft spot for targeting cryptocurrencies thanks to a lack of heavy regulation unlike traditional financial services. Cryptocurrency funds have no legal obligation to implement protection measures, so inherently they are not as exhaustive or technical. This makes them prime targets for hackers. Transactions can be extremely difficult to reverse, so although some funds cover customer losses, the reality is that if the exchange stretches into the millions, they have no obligation to help.
Bitcoin is now worth $3.5k, despite major fluctuations in value. For perspective in 2011, Bitcoin had parity with the US dollar, so the opportunities for hackers targeting cryptocurrencies have skyrocketed in recent years. Over the last seven years, F5 Labs has noted an almost twelve-thousand-fold increase in crypto theft and identified 73 major cryptocurrency incidents, each costing on average, a crippling $31 million.
The victims of cryptocurrency thefts
Many technological services in the cryptocurrency industry are targets for cybercriminals, but the most commonly hit technical services, according to F5 Labs research, are cryptocurrency exchanges (63% of incidents). These are the digital equivalent of currency exchanges enabling customers to buy or sell various cryptocurrencies, making them an obvious nexus for high value transactions.
Cryptocurrency uses storage mechanisms called wallets, of which there are two kinds. A “hot wallet” is Internet-connected and used to store cryptocurrencies used for day-to-day transactions – basically the equivalent of your real-life wallet. Hot wallets can run on cryptocurrency exchanges for easy trading, but they can also run as client software on a computer or mobile device. As a result, hot wallets are more likely stolen by cyber-criminals.
To reduce the risk, cryptocurrency technology also leverages “cold wallets” that are not connected. The best cold wallets are air-gapped systems, such as a USB stick with a strong password. Within cryptocurrency exchanges, cold wallets exist as separate, strongly-encrypted databases requiring a wallet owner to unlock it with a private key. Of the known attacked technologies, hot wallets within exchanges are ripped off three times as much as cold wallets. Wallet software for clients that is outside of an exchange can also be attacked. These incidents currently represent around one seventh of all cryptocurrency thefts.
Mining services are another potentially hackable cryptocurrency technology, although this is a relatively rare occurrence.
What does the future hold for protecting cryptocurrency exchanges
Applications are complex conglomerations of interacting services in a variety of environments, glued together with APIs, authentication credentials, and networks. This means they have an extensive attack surface and therefore need extensive security testing and protection.
Regulating the cryptocurrency industry is finally becoming a priority for governments around the world, and some have already begun defining cybersecurity measures. For instance, many countries are looking at Korea Regulation 5.5.7 (Regulation on Supervision of Electronic Finance) as one of the leaders in this respect, as it treats cryptocurrency exchange cybersecurity measures in the same way that a financial institution would. This is an example that should be followed and embraced, as one of the most effective ways to protect cryptocurrency exchanges, especially if the cryptocurrency industry continues growing at its current rate.
