Hacker attacks of cryptocurrency exchanges are up over 350% since 2017 and over one third of all victims are located in the U.S. Attack vectors range from phishing assaults to exploiting vulnerabilities related to storage and withdrawal of funds.
Mainly operating on infrastructure in U.S., criminals have modified malware and cyber attack tools previously used on banks to hack cryptocurrency exchanges and gain access to personal data in users' accounts.
What are the first lines of defense for users? Use two-factor authentication for account access and a complex and unique pass-phrase. When analyzing victims' accounts, 20% were found to have passwords shorter than eight characters. Pass-phrases are much harder to hack and should be at least 12-14 characters.
For exchanges, it is essential to have an Incident Response Team (IRT) and Plan (IRP) to detect and contain operational impact. It is recommended that the team have a “jump bag,” which is a ready-to-go toolkit containing all the items required to immediately respond to an attack. Post-incident analysis is necessary to determine whether or not the response to the attack was sufficient. This step might kick-off while recovery is still ongoing, particularly if it takes a while for all systems to be recovered. The aim of this step is to improve the incident response plan, and to strengthen systems to protect them from future attacks. Best practice: Use an independent third party to lead a lessons learned meeting, which should be attended by all parties involved in the incident. The aim of this meeting is to identify any deficiencies in how the detection and eradication of the attack was handled. An incident report (also called a post-mortem report) should be compiled after conclusion of the meeting. This report will not only serve as a reference to plan for future attacks, but will also be useful as a training tool going forward. It can also be used as evidence should any legal matters arise due to the attack.
Contact Us to Learn More.