Bithumb, one of the world’s largest Bitcoin and Ether cryptocurrency exchanges, has been breached resulting in the loss of more than $1 Million in cryptocurrencies after a number of its user accounts were compromised. We reached out to some of the world’s leading cybersecurity experts for their thoughts on this latest hack.
Ben Hertzberg, research group manager at Imperva, said “The last few weeks have been dramatic for cryptocurrency and its traders, when the market volatility gave opportunity to both honest investors and criminals alike. This is due to the surges in demand for Bitcoin (bringing it to over 2.7K USD, which has now stabilised over the last couple of days at around 2.5K USD) and other cryptocurrencies like Ethereum which spiked from “almost 0” to 400$ in a very short while, now at around 270$.
“Attackers can make a lot of money when attacking crypto exchanges due to factors such as the anonymity of the cryptocurrencies, hence the ability to “get rid” of the stolen goods with limited risk, and also by speculating on market prices (especially in specific exchanges or markets) and causing dramatic changes. In many cases this is done by Denial of Service attacks, which are hugely popular against cryptocurrency exchanges.
“In this case, according to Bithumb, the breach itself was of data stored outside of the company’s assets on a personal computer. This also brings up the question of data security in organisations, and the ability for employees to take sensitive information with them when they’re working out of the office. Part of this is due to the rapidly changing work environment, where employees get more remote access to company resources which poses a challenge to IT security departments.”
David Kennerley, director of threat research at Webroot, added “The news of this Bithumb hack highlights the fact that employees can still be an organisation’s weakest link with regards to security. The fact that access appears to have been initiated by initially compromising an employee’s personal PC is a very worrying development – highlighting huge failings on so many levels, from an employee education and training standpoint, all the way to administrative and technical controls, to monitoring and enforcement.
“Such cases emphasise the need for businesses to have clearly defined security policies and procedures round the use of personal devices for work purposes and the re-use of passwords – employees should not be using their work passwords for personal use. While businesses should consider investing in technical security layers, from threat intelligence solutions, to two factor authentication – which would surely have helped in this case. Understanding why this hack is only coming to light now will be one of the first questions customers will wish to have answered very quickly – as this breach is reported to have occurred in February of this year.”
Pete Banham, cyber resilience expert at Mimecast, concluded “This cryptocurrency heist is a prime example of why firms need to think about the sensitive information employees have access to in a remote working world. Assume home PCs are or will be compromised when designing your data protection strategy.
“Ongoing security training needs to be balanced with effective data loss prevention techniques that can identify sensitive data leaving an organisation.
“Managing secure remote access to data is challenging, but requires careful consideration with regards to your risk appetite.”