Industry News What can we learn from the DMM Bitcoin “leak”?

Threat Analysis: What you need to know about crypto hacking

A patented one-directional no-attack vector connection is the key to secured connection. The world is changing. As economic wealth becomes more digital, leading financial institutions have listened to investors and market forces […]

A patented one-directional no-attack vector connection is the key to secured connection.

The world is changing. As economic wealth becomes more digital, leading financial institutions have listened to investors and market forces and now manage vast amounts of digital currency for themselves and others, using blockchain transactions. Hackers are well aware that this is where the money lies, and Financial Institutions are severely targeted by cybercriminals. Hackers invest astronomical amounts of money in constantly evolving, and banks are primary targets for a crypto hack. No one is safe, as experts believe that the real question is when, not if, your institution will face an attack.

Common cryptocurrency cyber-attack vectors

As cryptocurrency becomes more valuable, more cryptocurrency exchanges are targeted with cyber-attacks. Common attack vectors include:

  1. DDoS (Distributed Denial of Service) Attacks – a clever attack on the service provider, disrupting it by overwhelming the server with too many requests
  2. Transaction Malleability Attacks – hackers insert a subtle change to the transaction ID just before confirmation, confusing the sender to think an error was made and ask for it a second time, thus spending double.
  3. Malware Attacks – insert malicious code into hot or cold wallets to compromise the system and create vulnerability.

The new Handshake transaction technology aims to simplify the cryptocurrency trade. It allows users to name the unique endpoint, instead of typing a complicated address. Since those names are unique, it may expose identified endpoints to cyber-attacks. Any software relying on handshake technology is exposed to this risk and compromises cryptographic keys. Interestingly, the common vulnerability in all those methods remains the risk of being online. Eliminating direct or indirect Internet connection from your process will simply and effectively eliminate cyber-attack vulnerabilities.

Threats can come from within

If we examine different cyber attack methods, external threats are not the only danger. Physical access to key management can allow external and internal attackers to sign transactions that involve cryptocurrency transfers, leading to massive losses. Cybercrime isn’t only about your network, as a rise in internal crime includes insider trading, theft, and cyber vandalism. An internal security mechanism is a must, one that will prevent inside jobs.

As we progress – so are the threats

The cryptocurrency market is worth hundreds of billions of dollars. Financial Institutions cannot afford to compromise on security, especially when safeguarding assets on behalf of others. Traditional Safekeeping services that want to hold digital assets need to understand the cyber-threat landscape and their own vulnerabilities. End-points (wallets, digital vaults) maintaining ownership of the assets are vulnerable to cyber-attacks because they communicate with the interactive blockchain – over the Internet. Financial institutions offering Crypto custody are at the forefront of cybersecurity risks.  They must be prepared to adapt and fight back, as no matter what their choice of cybersecurity is, any hardware or software interfacing with the Internet is at risk of being hacked.

Our solution? The unreachable wallet

Simplify risk management with GK8 patented unreachable wallet.

The bitter truth is that most digital asset management systems are hackable. Current market solutions, whether hot-wallet or cold-wallet, are eventually connected to the Internet. Hot-wallet private keys are stored with cloud technology, and cold-wallet private key hardware will ultimately be connected to the Internet through external drives. Eliminating direct or indirect Internet connection from your process will simply and effectively eliminate cyber-attack vulnerabilities.

GK8’s technology allows banks to receive full access to their digital assets and related information without compromising security. This groundbreaking solution allows financial institutions to execute the entire digital assets management process, including sending transactions to the blockchain, without the need for an Internet connection. Thus, eliminating all cyber-attack vectors.

GK8 offers a new market standard in cryptographic security solutions: a patented one-directional no-attack vector connection. We simply make keys unreachable. GK8’s on-premise hardware and software systems are the safest environment to manage digital assets while supporting institutions׳ need for asset accessibility. The solution supports 24/7 on-the-spot withdrawals with easy-to-use compliance and control tools, all using the highest standards for physical protection.

We are industry thought leaders, ex-government cybersecurity experts, and our expertise is to design, develop, and execute high-end cyber defenses against cyber-attacks.

Continue reading

Cryptocurrency Crime Statistics: A Visual Guide

Ever since the pseudonymous Satoshi Nakamoto set out the case for a decentralized, trustless blockchain where everyone held their own account and transactions were verified by anyone who wanted to take part, […]

Everything You Wanted to Know about Tokenization

Join the top experts in the field, Lior Lamesh, GK8’s Co-founder & CEO, and Thomas Cowan, Galaxy’s VP of Tokenization, for a webinar that’s all about explaining this hot and intriguing topic everyone’s been talking about.

Innovate and Integrate – Leveraging Digital Asset Tech Solutions in Traditional Finance

Join our panel of blockchain and digital asset top thought leaders from Citi, Deutsche Bank, and BNP Paribas as they share their earned wisdom about implementing holistic digital asset solutions for forward-thinking customers.