If you are a cryptocurrency exchange and you have been hacked or have suspicions, you can reach out to us at @ComaeIo - we will assist you with the investigation for free.
— @msuiche
Yesterday, I shared on Twitter the announcement of the formation of a Comae Cryptocurrency eXchange Taskforce (CCXT). As more and more news are breaking crypto-heists as predicted in December — it’s clear that cryptocurrency exchanges are underprepared to respond to such incidents.
As explained multiple times, cryptocurrency exchanges are prime targets for criminals for various reasons:
- They centralize a decentralized economy. There is a $ face-value with each credentials. It’s usually hard for attackers to go from bytes-to-dollars, cryptocurrencies are doing that for attackers.
- They are start-ups, and not nation states — meaning that the legal implications of hacking them is lower risks than attacking a Central Bank which belongs to a nation-state for attackers.
- Just like traditional exchanges, they often have poor security.
- Emerging technologies implies emerging risks. Often poorly understood.
- DLT/Blockchain technologies are misleadingly represented as secure, which created a fake sense of immunity for its users and made them even more vulnerable.
For a general point of view, any companies should have an incident response plan and invest in abilities to investigate their systems — which is why at Comae we spent most of our time understanding attackers, and developing new detection techniques for our investigation platform Comae Stardust.
As new technologies emerges the technical debt accumulated by companies keeps increasing, making them less and less prepared to new risks, and often results in security needs so overwhelming that it becomes hard for defenders to know where to start. I’ll be in Bahrain on the 21st Feb to the GCC Financial Forum to speak about why technical debt ends up being a critical factor in why organizations are terrible at cyber-security.
Because of the above reasons, we decided to create a cybersecurity taskforce for crypto-exchanges (CCXT). If you are a crypto-exchange and need some free advising on cybersecurity or assistance on investigating a breach — feel free to reach out to us at [email protected].
Announcing Comae Cryptocurrency eXchange Taskforce (CCXT) was originally published in Comae Technologies on Medium, where people are continuing the conversation by highlighting and responding to this story.
Article Link: https://blog.comae.io/announcing-comae-cryptocurrency-exchange-taskforce-ccxt-55d9fbbe02c5?source=rss----a0f5d7eac75e---4