Project: HACKSTOP was created to solve one very specific problem; Crypto Exchange/Custodian Security. Lets face it, crypto exchanges get hacked; often. With Cryptopia now in liquidation, the recent Binance hack and the all famous MT. GOX hack looming over the industry’s head, there is a clear need for exchanges to up their security game. To satisfy your curiosity, we’ve placed a comprehensive exchange hack list here.
Proudly Supported By:
The MDR offering is a competitive differentiation for Paladion particularly among mature security organizations in the APAC region- Gartner Magic Quadrant
Disclaimer: Project: HACKSTOP is not a magic bullet to crypto exchange security problems.
Phase 1: Secure The Exchange Hot Wallet
How Does Project: HACKSTOP
In partnership with Paladion, we monitor the environments of crypto exchanges using EDR, SIEM, UEBA, IDS and push this data to our AI platform, which is supported by a threat intelligence platform. The AI is used to generate alerts, which are vetted by our cyber warriors 24x7x365 in a SOC 2 attested facility. If we deem that malicious activity is taking place, we will stop in real time by pushing a rule via API to the customers Firewall, WAF, IDS, Proxy/AD.
We also include a vulnerability management platform, quarterly, custom security reports as well as response orchestration as a service.
The AI we utilize has been learning for over 2 years, and is fed over 25 billion different security events every day. Below are a few customers outside of the crypto world that currently use this service:
The Importance of
Detection & Response
Protecting a crypto exchange from a hack seems like an impossible task….That’s because it is. Any product or entity that labels itself as unhackable is simply lying. Everything is hackable. What matters is dwell time i.e how long it takes to detect and to respond to a hack.
The infamous 2019 Mariott Hack, which encompassed a data leak to the tune of 383 million users took 5 years to detect….. In the case of exchanges, hacks are detected much more quickly because exchanges find themselves short a of couple of million, sometimes hundred of millions worth of crypto.
Each day $2.7 million is stolen from exchanges – The amount of stolen cryptocurrency from exchanges in 2018 has increased 13 times compared to 2017. This amounts to $2.7 million in crypto assets being stolen every day, or $1,860 each minute. Eric Larcheveque
$1.1 billion in cryptocurrency has been stolen this year(2018), and it was apparently easy to do..Kate Rooney
Cybercriminals will eventually find a loophole through which to enter the systems of organizations – Earl Perkins, Managing Vice President
Harness the Power of 1,000 Cyber Warriors
During beta phase, customers would be kitted with the simple but effective badge that the average trader can see and instantly realize that their investment is in good hands. A full list of badge users would be published once the project enters beta phase.
Phase 2: Secure The User Hot Wallet
How Does Project: HACKSTOP
Secure User Devices?
As a customer of a centralized exchange, your funds are stored within the exchange’s environment albeit your phone ultimately holds the keys to that castle and if your phone gets compromised, so does your crypto. So how can we make gaining access to your phone more difficult for hackers?
Under Project: HACKSTOP, the exchanges app is transported into a container secured using AES 256 bit encryption. Besides requiring private key in order to unlock; the app is also tethered to a built-in malware scanner. This is where the magic happens. Once the scanner detects any kind of malware on the device it disallows access to the application until appropriate access has been taken.
This kind of solution is the first of its kind in the crypto world and will offer users a strong layer of protection against:
- Advanced Malware
- Phone Theft
- Sim card attack
“By their nature, cryptocurrency exchanges are likely the single-most targeted and profitable systems on the internet. Attackers can and have stolen tens of millions from these exchanges. They are by definition high profile and exposed, and unlike other businesses where cyber losses are mostly reputational, exchanges suffer enormous direct losses. It’s like a bank robbery but without the insurance. Cutting edge security is of the essence, logical, and maybe even a competitive advantage with more and more exchanges competing.”
“Project: HACKSTOP is a new approach to the security concept for exchanges through AI and over 1,000 security experts available 24×7 worldwide, the security of existing exchanges is significantly increased around the clock and hacker damages will be minimized.”
Being a security researcher, I can firmly say Project: HACKSTOP is a sword and a shield for an organization. This can be a wall of defense protecting against advanced emerging threats in the cryptocurrency exchange platform with it’s integrated AI solution.