security Archives -
G4S (LSE: GFS), a security services provider with operations in more than 90 countries, guards everything from cash transfers to nuclear power plants and prisons. The London-headquartered company has now started to offer cryptocurrency protection, according to a recent report.
Secure Vault Storage
The company, which has more than 560,000 employees throughout the world, announced on Wednesday that it has developed a new service providing high-security offline cryptocurrency storage, to help to protect assets from criminals and hackers. And the company is already providing the service to an unnamed European exchange, according to the Financial Times. It charges clients based on the number of different offline storage devices they want to use to store their private keys, and reportedly uses its own existing vaults for the service, rather than newly built facilities.
The company’s press statement confirmed that cryptocurrency exchanges are already turning to them for help. Dominic MacIver, senior risk analyst at G4S Risk Consulting, commented: “Our clients approach us to discuss solutions to their requirements because of G4S Cash Solutions’ experience in protecting high-value items and G4S Risk Consulting’s experience in developing bespoke solutions to complex challenges. Working with our clients, we are continuously applying their expert knowledge of crypto-assets and our best practice in physical security to a sector at the cutting edge of financial technology.”
Heavily Restricted Access
The service is said to be more secure then other methods because G4S takes the keys offline, breaks them up and stores them in high-security vaults. Moreover, access to the sites in which they are held is said to be heavily restricted, with multiple layers of security. Clients can only gain access when all of the pieces are combined with specific technology.
“Offline storage has become a more established and secure way of storing crypto-assets,” MacIver said. “At the same time, violent robberies and kidnappings in recent years have shown that the sector is still exposed to conventional criminal threats. In collaboration with our client, our security solution is built on a foundation of ‘vault storage.’ We not only take the assets offline, but break them up into fragments that are independently without value and store them securely in our high security vaults, out of reach of cyber criminals and armed robbers alike.”
What level of security should investors demand from exchanges? Share your thoughts in the comments section below.
Images courtesy of G4S, Ed Robinson/OneRedEye, Tom Parker/OneRedEye.
Verify and track bitcoin cash transactions on our BCH Block Explorer, the best of its kind anywhere in the world. Also, keep up with your holdings, BCH and other coins, on our market charts at Satoshi’s Pulse, another original and free service from Bitcoin.com.
The post Security Giant G4S Offers Protected Offline Cryptocurrency Storage appeared first on Bitcoin News.
Cryptocurrency exchanges in some of Africa’s biggest bitcoin markets have been forced to rethink their security to thwart persistent attacks from hackers, a trend that has troubled trading platforms all around the world.
The Worst Yet to Come for African Exchanges
Exchanges in the African continent have been relatively unscathed, suffering scant losses amidst the $ 930 million that’s been stolen from global exchanges so far this year, according to data by U.S. cyber security firm Ciphertrace.
The most notable assault on investor funds in the continent of 1.2 billion people happened around March in South Africa. It wasn’t a cyber attack on an exchange, but rather a scam. Fraudsters at BTC Global, a supposed cryptocurrency investment firm, made off with about one billion rand ($ 80 million) after 28,000 South Africans succumbed to the false promise of incredibly high, quick returns on their investment, police said.
As thefts have stoked exchanges worldwide, some African platforms have woken up to the need to strengthen their security to safeguard investor funds. This is particularly crucial in a continent where cryptocurrency markets are populated by people who trade with a certain degree of ignorance in many cases, lured by the promise of quick riches. Incidents of fraud or stolen money can smear a market struggling to build confidence in the absence of regulatory oversight.
“We have noticed a number of attempts to breach our system but we have managed to maintain our defenses and we keep on learning,” Suleiman Murunga, chief executive officer at Ugandan exchange Coinpesa, told news.Bitcoin.com.
“We (now) use suspicious activity monitoring tools to track user behavior in order to spot bad actors,” he said, adding that the company, one of the biggest in the East African country, also uses two-factor authentication.
Murunga stated that only a small portion of investor funds held on the exchange are kept in a hot wallet, of the kind targeted by hackers. The bulk of the funds are held offline, in cold storage.
Don’t Blame the Trading Platform – Blame the User
When breaches occur, exchanges are not always to blame. Sometimes investors simply aren’t careful. There have been instances where attackers gained access to individual accounts on the Zimbabwean exchange Golix before its forced shutdown in May, taking advantage of email password vulnerabilities to facilitate transactions.
Although no money was stolen, the 23 affected users noticed some changes to their accounts such as the conversion of their cryptocurrencies and the acquisition of additional coins through U.S. dollar balances they held in their accounts. This is according to Golix, which now has a presence in seven African countries. Back then, the exchange didn’t ask investors for 2FA upon signing up.
In Nigeria, Africa’s biggest bitcoin market, where trades reached $ 260 million on just one exchange this year, the threat of cyber attacks is real. In 2016, the Ibadan-based Naira4dollar firm didn’t receive the $ 15,000 worth of BTC it had bought to replenish its wallets after an attacker hacked into the trading platform’s system.
Investors in Nigeria and Ghana also fell victim to a $ 50 million hack of the Blockchain.info wallet, allegedly by Ukrainian hacker group Coinhoarder earlier this year. In the streets of Lagos, scammers take on false identities, infiltrating exchanges and various social media platforms promising outrageously high returns.
David Ayala, chief executive officer of Nairaex, which has more than 100,000 customers on its books, said all digital coins on the Nigerian exchange are stored “securely offline with Bitgo industry standards of multi-sig wallet.”
“Our platform is developed using best practices from the financial sector to maintain users’ security. We have maintained a secured network architecture since launch and we run scheduled tests and checks on the system for reliability,” he detailed, in emailed responses.
Is a Foolproof Security System Possible?
Often, hackers and scammers are a step ahead of their targeted victims, increasing the risk of persistent attacks. But will African exchanges ever implement foolproof security systems, or something approaching that ideal? William Chui, a Zimbabwean cryptocurrency enthusiast and former VP at Golix, proposed “A ‘walk-in’ model, where users [enter a physical premises] to buy [cryptocurrency] and are served while they wait.” It’s a model that’s proven popular in other countries such as South Korea.
He conceded, however, “This is not scalable nor feasible with the internet and will prove to be too slow. I doubt we can get a foolproof, secure system, but the [aim] will be to minimize losses as much as possible.”
Chui recommends that exchanges “invest in a technical development department that will continually penetrate the website, and offer bounties for external developers to do the same … Store a larger percentage of clients’ funds in cold wallets.”
Pesamill Africa in Kenya has gone as far as adopting Australian cryptocurrency industry regulations as part of efforts to align with global best practice. “We have built an exchange that fosters both peer-to-peer and centralized transactions in a safe and secure manner,” Brian Ngugi, Pesamill chief executive, told news.Bitcoin.com.
Whatever the case, African exchanges are at a stage in their development that holds a lot of promise for the growth of cryptocurrency use on the continent. Regulators will eventually step in, as is happening elsewhere worldwide. This will occur, not only to regulate and claim tax, but to make the cryptocurrency space stronger and sustainable.
What do you think about the level of security at African digital currency exchanges? Let us know in the comments section below.
Images courtesy of Shutterstock.
Verify and track bitcoin cash transactions on our BCH Block Explorer, the best of its kind anywhere in the world. Also, keep up with your holdings, BCH and other coins, on our market charts at Satoshi Pulse, another original and free service from Bitcoin.com
The post African Cryptocurrency Exchanges Forced to Step up Security appeared first on Bitcoin News.
Today’s installment of The Daily is about building more than bickering, though we’ll squeeze in a little of the latter before we sign off. First though, let’s start by considering the latest projects being proposed within the crypto space: a tokenized security platform and a social media network that doesn’t leak data.
Nasdaq Plots Tokenized Security Platform
It’s being reported that Nasdaq, the giant U.S. exchange operator, is plotting a new platform dedicated to tokenized securities. The move would enable projects to offer STOs in a regulated environment so as to accord to U.S. law. As popularity for ICOs has waned, exacerbated by fears that so-called utility tokens may in fact be unregistered securities, U.S. projects eyeing tokenization have been left with no choice but to go down the STO route. It’s believed that Nasdaq is in talks with blockchain firm Symbiont to create its own platform that would enable tokenized securities to be listed and traded.
Social Media Backlash Intensifies
There’s been a storm brewing all year on social media, with wave after wave of censorship and data leaks hastening the exodus from Facebook and its ilk. Users intent on jumping ship have been left with a quandary though: where to go? We’ve reported on some of the Bitcoin Cash-based initiatives, as well as Twitter alternatives such as Gab and Mastodon. Blockstack has now launched a $ 1 million challenge to build decentralized social networks, writing: “Your data and privacy are being exploited and monetized by today’s social networks. It’s time for a change. We deserve the right to control our data.” They add:
It’s time for a new breed of social networks – where power is taken back from a single authority and control is returned to you, to me, to all of us. It’s time to decentralize social networks.
10 teams will be encouraged to devise social networks that don’t leak data. A similar venture was also launched recently by web inventor Sir Tim Berners-Lee. While these initiatives aren’t going to topple the social media giants any time soon, greater choice for pro-privacy consumers can only be a good thing.
Vitalik Buterin Sets the Record Straight
Ethereum’s Vitalik Buterin generally avoids wading into Twitter spats, but felt obliged to correct several of the inaccurate claims Nouriel Roubini made in the week of his similarly inaccurate U.S. Senate testimony. “Vitalik Buterin was the ringleader – together with Joe Lubin – of the criminal pre-mining sale/scam that created ether. They stole 75% of the ether supply and became instant ‘billionaires’ of fake wealth,” tweeted Roubini, whose timeline has become increasingly manic as the week’s progressed.
“I never personally held more than ~0.9% of all ETH, and my net worth never came close to $ 1b,” responded Buterin. “Also, I’m pretty sure there are no criminal laws against pre-mining.” Then, on Friday, as Roubini doubled down on his bug-eyed crypto rambling, Buterin again stepped in to dispel the notion that bitcoin and ethereum maximalists are at war, while giving a shout out to bitcoin cash proponents.
Have you learned about BCH yet?
The space is actually great fun once you get to know it.
— Vitalik Non-giver of Ether (@VitalikButerin) October 13, 2018
What are your thoughts on today’s news tidbits as featured in The Daily? Let us know in the comments section below.
Images courtesy of Shutterstock.
Need to calculate your bitcoin holdings? Check our tools section.
The post The Daily: Nasdaq Eyes Security Tokens, Blockstack Tackles Social Media appeared first on Bitcoin News.
Tens of millions of Social Security recipients and other retirees will get a 2.8% boost in benefits next year as inflation edges higher, the AP reports. It’s the biggest increase most retired baby boomers have gotten. Following a stretch of low inflation, the cost-of-living adjustment, or COLA, for 2019…
Former Boston Celtics star Paul Pierce got into it with a security guard Saturday night at UFC 229 in Vegas. Paul was trying to get to the first floor of the arena when apparently a security guard questioned if he had a ticket to be in the…
The impassioned fight over whether to confirm Brett Kavanaugh to the Supreme Court has led to heightened security at the Capitol, the AP reports, with some senators using police escorts to shield them from protesters eager to confront them. Capitol police have arrested dozens of people in recent days for…
Something significant is happening in Social Security: People are retiring and taking their benefits later. These trends are at least in part the consequence of policy changes made in the early 1980s that were purposefully delayed in their implementation.
Consider this: In 1997, 57% of men claiming…
Key posts overseeing the financial health of Social Security and Medicare have been vacant for more than three years, leaving the programs without independent accountability in the face of dire predictions about approaching insolvency.
With Washington corroded by partisanship and consumed by political…
Traders hope and expect the exchange they’re trading on takes security seriously. But while all crypto platforms pay lip service to good cybersecurity practices, many fail at even the most basic measures such as enforcing strong passwords. New research has found 54% of all cryptocurrency exchanges have poor security in at least one area, leaving them and their users vulnerable to attack.
Despite Hundreds of Millions of Dollars in Hacks, Many Exchanges Still Have Shoddy Security
The cryptocurrency landscape has changed significantly since Bitcoin’s earliest days, but one thing that’s remained constant is exchange breaches. From the Mt Gox days to last month’s Zaif hack, exchanges have been regularly surrendering their funds, despite the increasing value of crypto assets incentivizing them to up their opsec. A detailed new report from ICOrating.com has revealed the extent of the lax security practices that pervade many exchanges, including several supposedly top-tier platforms.
The ICO listing and analysis site profiled 100 exchanges whose daily volume exceeds $ 1 million and found most of them wanting in one or more areas. For example:
- 41% of exchanges allow passwords with fewer than 8 symbols
- 37% of exchanges allow passwords with either digits or letters alone
- 5% of exchanges allow the creation of accounts without email verification
- 3% of exchanges lack 2FA
- Only 46% of exchanges meet all four parameters
- Just 4% of Exchanges Were Found to Have Best Practice for Domain Security
ICO Rating also considered registrar and domain security. Specifically, it looked for things such as a registry lock, preventing unauthorized changes to the domain registry, and DNSSEC, to prevent DNS cache poisoning, which has been an attack vector previously used to target platforms like Myetherwallet. Its findings were as follows:
- Only 2% of exchanges use registry lock
- Only 10% of exchanges use DNSSEC
- Only 4 % of exchanges use best practice in 4 out of 5 of these areas
Coinbase and Kraken Score the Highest – Okcoin the Lowest
ICO Rating concludes by publishing a table rating all 100 exchanges profiled according to their aggregated security score. No exchange manages to score 90% or higher but Coinbase comes the closest, at 89/100, followed by Kraken at 80 and then Bitmex and Gopax in joint third (78). Other notable entries on the list are Cobinhood (8th), Ethfinex (12th), Bittrex (13th) and Binance (17th).
Bottom of the list is Okcoin.cn, which scores just 15/100. Other noteworthy exchanges that score poorly are Mercatox (25/100), the hacked Zaif (29/100), and Bithumb (34/100). While previous attempts have been made at rating the security practices of cryptocurrency exchanges, ICO Rating’s report is the most detailed yet. It is not comprehensive, for it does not detail such matters as dynamic IP verification, withdrawal checks, and other security measures. Nevertheless, it provides a snapshot of the health of crypto exchanges and shows there’s room for improvement across the board.
Which cryptocurrency exchanges do you think suffer from lax security? Let us know in the comments section below.
Images courtesy of Shutterstock, and ICO Rating.
Need to calculate your bitcoin holdings? Check our tools section.
The post 54% of Cryptocurrency Exchanges Have Security Holes appeared first on Bitcoin News.
Facebook discovered a security flaw affecting almost 50 million accounts, the company said Friday. A problem in its code allowed outsiders to take over users’ accounts.
WSJ.com: US Business