The blockchain technology is now sitting at a stage of evolution that is somehow similar to the that of the internet in the 1990s; No one can overlook the millions of dollars invested, the hefty merchant adoption and the large number of businesses inspired by bitcoin and the blockchain technology. Nevertheless, the lack of standardized security models has rendered most of today’s bitcoin exchanges & businesses vulnerable to hack attacks, especially when basic security measures are overlooked.
The aftermath of this immature and inconsistent handling of security issues has unfolded many security breaches that struck a number of major bitcoin exchanges and businesses (see part 1 of this article). Accordingly, we will look through the most sophisticated security standards that should be adopted by exchanges and other forms of bitcoin online businesses to avoid hack attacks, theft, fraud and other forms of security breaches.
Cryptocurrency Security Standards
Every financial institution in the world has its specialized security standards to protect its physical and digital assets including banks, brokerages, payment processors and e-commerce businesses. Unfortunately, no formal security standards have ever been formulated for bitcoin exchanges and other forms of online businesses relying on the blockchain technology.
After doing some research, I have formulated a step-by-step guide that can represent a nucleus for future cryptocurrency standards that can immunize online cryptocurrency businesses against theft and fraud.
Cryptocurrency security standards can be collectively summarized into the following points:
1- SSL and DDoS protection
2- Securing key/seed generation
3- Securing key storage
4- Securing audit logs
5- Proof of storage
6- Cold storage
SSL Certificates and DDoS Protection:
SSL certificates and DDoS protection are indispensable basic security measures for online businesses, including cryptocurrency exchanges.
What are SSL Certificates?
Secure socket layers, or SSL, certificates are special forms of security protocols that are used to manage sensitive information including customer’s names, personal banking info, contact information (addresses, phone numbers…etc) and accounts’ passwords. SSL certificates create a secure encrypted connection between a customer’s internet browser and the servers of the online company he/she is interacting with. SSL certificates are crucial for a wide array of online business niches including cryptocurrency exchanges, e-commerce portals, Forex trading platforms, brokerages…etc.
A visitor of a website with an SSL certificate, will notice an “https” protocol on the browser’s address bar, instead of the usual “http” protocol, along with a “lock” image appearing beside the website’s favicon.
Collectively, any website accepting payments, whether in the form of Fiat, cryptos, or any other digital currency, need to implement an SSL certificate. According to the standards of the , for a website to start accepting credit card payments it has to implement an SSL certificate with an encryption key size of at least 128 bits. Similarly, exchanges and other online businesses accepting cryptocurrency payments should also go along the same path (1).
How can SSL Certificates Boost the Security of Bitcoin Exchanges?:
An SSL certificate encrypts data so that it would be only read and stored solely by the intended parties. Data transmitted online often relays through a number of computers/servers before reaching its pre-planned destination. The greater the number of “relays”, the higher the probability that an unintended third party could access the transmitted data. SSL certificates encrypt data via insertion of random characters which renders the transmitted data impossible to comprehend without the proper encryption key. Accordingly, whenever the transmitted data is intercepted by an unintended party, it will never be readable or comprehensible.
What are DDoS Attacks?
DDoS stands for “disturbed denial of service attack”. It is a form of “denial of service” attacks that takes place when a group of compromised systems, usually infected by a Trojan, attempt to make a server, a machine or a website unavailable to its users.
Usually, hackers code a Trojan and spread it through forums, social media, spammy emails…etc. This Trojan will send large numbers of users to the target website of a “DDoS” attack. On the other hand, sometimes users intentionally participate in DDoS attacks against high-profile companies, especially when they think that these companies exercise actions that they believe are illegal, unfair or repressing. This took place in 2010, when big companies such as Visa, Mastercard and Paypal were hit by DDoS attacks when these companies decided to cut off their services to Wikileaks (2).
Consequences of a DDoS Attack on a Bitcoin Exchange:
The cost of outages secondary to DDoS attacks on a bitcoin exchange can be drastic, especially that not only operational costs increase, but also revenue declines as a consequence to high-impact DDoS attacks. The following represents the financial impact of a DDoS attack on a cryptocurrency exchange:
– Cessation of trading which is usually followed by a chaotic market pattern ignited by users’ panic.
– Increased flow of tickets received by “help desk” which can increase its expenses.
– Increased number of customers’ “drop outs” and refunds.
– Degradation of the exchange’s reputation which stunts the overall business growth.
DDoS Defenses:
Although DDoS defense systems can safeguard the trading operations that take place on a cryptocurrency exchange’s trading platform, the high cost of the most available DDoS defense systems implies that one should always weigh the cost of implementation of DDoS protection services against the return on investment (ROI).
Most of the defense tactics used today are centered on mitigation and assuring the continuity services offered by the website. Blackholing is a DDoS defensive tactic that involves blocking all web traffic to the attacked website via redirecting it to a “block hole” in an attempt to save the website and its customers. Routers utilize access control lists (ACLs) to sieve “undesirable traffic”, during a DDoS attack. Although routers can shield a website against simple DDoS attacks, such as ping attacks, they can’t protect a website against most of today’s more sophisticated forms of DDoS attacks (3).
Securing Key/Seed Generation:
Creation of keys/seeds that are used within a cryptocurrency exchange should be an encrypted process to endorse the security of the trading platform. It is crucial to ensure that any newly generated keys cannot be phished by unintended parties. Privacy can be guaranteed when encrypted keys and seeds are only generated by the user who will use it. A Deterministic Random Bit Generator (DRBG) is a perfect algorithm to generate encrypted keys and seeds. Alternatively, a True Random Number Generator can also be used regarding that it is compliant with the current industry standards for statistical randomness.
Securing Key Storage:
The private keys of various cryptocurrency wallets on an exchange should be safely stored when the user is not actively using them on the trading platform. The confidentiality of private keys should be boosted via the utilization of encryption algorithms, physical locks and secret sharing whenever appropriate.
Stored private keys should be encrypted using an encryption algorithm that would render the key impossible to decipher, using the estimated global computing power x1000, within the expected period during which the key would be used. The AES-256 is an example of an encryption algorithm that can provide such level of security.
At least one backup of the generated cryptographic keys (paper, digital…etc) should be created. The backup should be protected against various environmental hazards including fire, floods and other forms natural disasters.
Proof of Reserve:
Proof of reserve refers to evidence of the ability of the exchange’s website script to handle 100% of the funds owned by all users across its trading platform. A proof of reserve assures all users that all their coins and Fiat money is available to the exchange’s system which minimizes fund loss risks. The proof of reserve should be supported by completion and publishing of regularly scheduled proof of reserve audits that are signed by an independent third party.
Security Audit Logs:
Audit logs provide a record of all informational changes and transactions taking place across the trading platform. Whenever a security breach is encountered, audit logs are indispensable tools that can aid investigators in diagnosing the cause and handling such incidents. This can be achieved via:
– Partial audit logs: which include records of all deposits and withdrawals taking place across the exchange’s trading platform.
– “All users’ actions” audits: which include a record of all login and logout attempt with a record of all the IP addresses used to access users’ accounts.
– Full audit backup: all audits should be backed up regularly to a server other than that hosting the exchange (4).
Cold Storage:
Cold storage refers to the process of storing the private keys of bitcoin, or any other cruptocurrency, offline using a paper wallet, physical hard drive…etc. Although cold storage can undermine an exchange’s “proof of reserve”, it can be used in instances when users would use their exchange’s wallets for long term savings. Also, cold storage should be used during non-trading hours and server maintenance periods.
Securing a cryptocurrency exchange is a challenging task that should be continuously reviewed and assessed. Regular penetration testing should be part of the continuous assessment process of the security of any online business involving cryptocurrency. Recruitment of ethical hackers whom are enthusiastic about bitcoin can serve as a valuable tool in the inventory of a secure bitcoin exchange.
Conclusion:
The blockchain technology is by far the most innovative financial creation in the past 500 years. It is like a genetic mutation that will survive despite how hard all the world’s big “Central Banks” would try to destroy it. However, security breaches and hacking attacks represent an eminent danger that can threaten the future of the “bitcoin economy”. Internet security protocols, top notch encryption algorithms, regular penetration testing and adopting bitcoin enthusiastic, ethical hackers can help secure the world’s favorite non-decentralized digital currency.
References:
1- PCI Security Standards Council’s resources for merchants.
2- MasterCard, Visa others hit by DDoS attack over Wikileaks. COMPUTERWORLD. By Jaikumar Vijaya
3- White Paper: Defeating DDoS Attacks. Cisco Guard DDoS Mitigation Appliances.
4- Cryptocurrency Security Standards
You missed out human security factors. No one employee should have the technical power to move more than a handful of coins. Movement of significant amounts of money should be done only by two employees in concert and this should be enforced by multi-sig.
The corporate culture should be one of caution and precision, with employees actively encouraged to double-check orders and seek face-to-face confirmation if being asked to move money. Large movements should automatically send a notification to the CFO.
Your premises should also be secured and staff once again being encouraged to properly check security badges of anybody they have not met before. Staff should be trained on social engineering attacks in particular.
I’m no security expert but those are a few important measures of security I would implement.
Yes, I agree with you. I might have overlooked the human factor intentionally, but it goes without saying that no employee should have the authority to move large number of coins without proper confirmation of the transaction order; however, the circumstances and the circle of trust of different exchanges can vary dramatically, so I don’t think that any sort of “Universal” rules can fit all exchanges.
I am afraid I don’t understand what you mean by “face-to-face” confirmation, I mean I understand that this happens on the trading floor of the stock market, but how can this be executed in a cryptocurrency exchange?