September 28, 2020
By Sam Grant
Bybit executive Ben Zhou asserted that he was no longer stunned by the attacks happening to crypto firms.
Crypto exchange security has been a trending subject recently owing to crypto attacks that have occurred in the past few months. The subject was once again in the headlines after hackers drained about $150 million from Bitcoin exchange KuCoin.
According to Bybit CEO Ben Zhou, such incidents should not shock crypto users anymore because crypto exchanges are vulnerable by design. He added that, as centralized web applications, crypto exchanges are exposed to the same security issues other websites face.
Zhou explained that most exchange servers and storage networks hold virtual currencies in hot wallets. If not well secured, these hot wallets are vulnerable to theft. The Bybit executive asserted that a cold wallet system would be much safer than a hot wallet one.
Unlike hot wallets, cold wallets are not connected to the internet. This means they are less susceptible to hacks. The only inconvenience with cold wallets is the inability to make immediate large withdrawals from an exchange.
In Zhou’s opinion, security should be among the priorities for any exchange, especially those that operate online. Crypto exchanges need to address their current weaknesses and enforce more security layers to help prevent future hacks.
Security systems must be able to protect information across all points of interaction, including the securing of user data.
“This can be accomplished by applying best practices for application lifecycle management, hiring knowledgeable and reputable security consultants for penetration testing and running bounty programs within the white hat community to identify any potential vulnerabilities,” Zhou said.
He further suggested that exchanges should collaborate with trusted security firms to implement firm management processes, conduct security audits and bank on zero-trust architecture.
Zhou pointed out that there are several reliable security solutions from third-party vendors on the market.
The executive disclosed that Bybit had directed a lot of resources to strengthening its security protocols. The crypto trading platform implemented a cold wallet system to protect its users’ funds, and carried out bounty programs and red alert scenarios to eliminate system vulnerabilities.
Zhou explained, “Even when it comes to withdrawals, we subject any requests to at least three layers of risk-control verifications. Crypto asset consolidation among cold wallets follows the strictest policy, including physical environment security, system security, encryption techniques, operation authentication, monitoring and audit.”
https://coinjournal.net/news/crypto-exchanges-susceptible-to-breaches-due-to-design-bybit-ceo/