Cool Heads and Hot Wallets
Why is Cryptocurrency so hot?
Rising inflation is devaluing cash reserves by the day, making crypto an ever more attractive investment opportunity.
Here’s my perspective on the key takeaways from the event, and how those responsible for protecting digital assets from cyber attackers must act now to re-evaluate their defences.
Some financial institutions are looking at the feasibility of making cash reserves in a bank liquid, the principle being that the cash itself doesn’t physically move (as in traditional banking). Instead, the ‘ownership’ of those assets moves as metadata is sent between the banks.
However, traditional investors and financial institutions who have long complained about being too regulated are nonetheless concerned at the complete lack of regulation in the crypto space. Without the oversight of the Financial Conduct Authority (FCA) there are no regulations, blueprints or benchmarks for building a successful crypto business for institutional investors.
The Cryptocurrency Infrastructure
A crypto wallet is a device or application which stores the public and private keys for transactions on the cryptocurrency markets. Typically, transactions are conducted via a cryptocurrency exchange where people can trade cryptocurrencies for other cryptocurrencies or conventional fiat money (government-issued currency that is not backed by a commodity). Organisations known as crypto custodians act on behalf of others to store their private keys and provide security for the assets.
The industry as a whole is still very much in its infancy when it comes to cyber security and far more thought needs to be given to the question of how best to protect crypto custodians and asset exchanges from attack.
The challenge is how best to secure this communication channel and protect the wallet(s) from cyberattack.
By far the biggest potential Achilles heel in this infrastructure is the wallet. From a technically purist standpoint, the safest wallet is a “cold” one, i.e. one that is disconnected from the Internet. However, the latency introduced when the private keys for a customer have to be sent from the cold wallet to the exchange will likely result in multiple second delays that are unacceptable in a fast-moving industry like crypto where prices can fluctuate hugely on a second-by-second basis. For this reason a ‘hot wallet’ is essential, even though this means the custodian or exchange must communicate regularly between the secure enclave where the private keys are stored and the untrusted Internet for transaction verification.
At this point, there is native two-way communication and any attack which involves application data (rather than the protocol) would be immune to the disruption caused by placing two diodes inbound and outbound.
A data diode is a one way only data flow enforced by hardware. While it offers some measure of reassurance, it does not address the fundamental business requirement which is that to properly support a custodian or asset exchange, there must be a two-way flow of information. Indeed, using a diode is relatively pointless from a security perspective, as you would need two diodes next to each other to handle the necessary bi-directional traffic.
XML or JSON Gateways can be combined with data diodes to secure the communication flow but here too there are important security concerns. JSON and XML gateways cannot defend themselves from attacks concealed within the data sent to them, meaning that the software inside the gateway is susceptible to attack and the attacker can potentially compromise the machine itself. Ultimately, these gateways are built on standard operating systems which presents a further attack surface for compromise.
Deploying two diodes inbound and outbound also increases the overhead of integrating between the insecure network and the secure enclave. This is because the application(s) can no longer ‘talk’ in native protocols such as HTTP REST or TCP, but now must communicate in a protocol that is supported by the diode.
An initial HTTP or TCP request arrives from the application at the Forcepoint secure data transfer appliance on the untrusted network. Here the request is ‘broken down’ into its core components (headers and content of the request itself). This is represented in a Forcepoint-internal format and a first schema check is applied.
Forcepoint High Speed Verifiers (HSVs)
Forcepoint’s secure data transfer appliances and High Speed Verifiers (HSVs) address all the shortcomings of alternative solutions because any communication inbound or outbound goes via a custom designed and implemented FPGA (field programmable gate array).
The ‘simple format’ is then rebuilt to a reliable, known good state within a secure data transfer appliance on the secure enclave network, before being transferred to the application for transaction validation. This process is entirely transparent to the application on the untrusted network, which simply believes it has communicated directly with the server in the secure enclave.
If this schema check is successful then the internal format is verified in hardware by the FPGA in the HSV. This ensures the data coming from the ‘untrusted’ network is not harmful and only contains the expected data in the correct format. By introducing hardware logic, the FPGA provides an independent check on the data and can be trusted because it cannot be modified by an attacker, unlike susceptible software implementations.
It also delivers the very highest levels of assurance that the communication channel between untrusted network and secure enclave cannot be exploited by the criminal.
The combination of Forcepoint secure data transfer appliances and HSVs delivers all the operational benefits of a hot wallet without the limitations and limited security that a diode or gateway introduces.
(Note: Portions of this blog post were first published by Deep Secure as “Protecting Crypto Custodians and Asset Exchanges from Cyberattack.”)
Forcepoint is actively working with banks and financial institutions to help protect their cryptocurrency infrastructure from cyberattack. If you would like to know more about how we can help you, please contact us today.
This post was first first published on Forcepoint website by Aaron Mulgrew, Forcepoint Senior Solutions Architect . You can view it by clicking here