With reference to the news:
The Slovenia-based Bitstamp announced the breach on its website Monday and shut down services temporarily Tuesday in order to investigate the hack. The theft totaled about 19,000 Bitcoin, but hackers were only able to access a small portion of the exchange’s total assets. While some Bitcoins are stored online, many more are kept on local hard drives in what Bitcoin users call “cold storage.”
Our first analysis found that the core issues with this incident, as with other Bitcoin-related incidents, are as follows:
- The lack of security on the server / host computer OS where these wallets are stored. These operating systems need to be configured with as much attention to security as is given to usability, bearing in mind that usability and security are inversely proportional.
- The API and the application written for users to interact with their bitcoins are a second flaw. Many loopholes have been discovered, especially in third-party wallets, third-party APIs, etc. We have investigated similar incidents, at a much smaller scale, caused by application errors.
- The insider issue: some hacks occur because an insider of the company enables the incident to take place. Either it is an intentional hack, or a user’s computer is compromised by a virus/trojan/malware that in turn uses data from the company's intranet.
- The implementation of the exchange itself. It is a possibility, but Bitstamp is an established organization and has a great team, so I will leave this point here. I mention it so that all the areas related to the possibility are covered.
The Cosmic HQ research labs team extends support and consulting to any individuals in the digital currency industry for cyber-security incident analysis. We have been doing such investigations at least once almost every quarter, covering forgotten passphrases, hack issues, misplaced keys, etc.
Security incidents involving digital currencies are fewer than real-world security incidents, but because digital currencies are IT-oriented, they seem to get more attention.
Let us all work together to make digital currencies a success!
The financial markets generally are unpredictable. So that one has to have different scenarios… The idea that you can actually predict what’s going to happen contradicts my way of looking at the market. – George Soros
Don’t digital currencies enable that???
Of course, send me a message, always glad to help.