Disclosure: the views and opinions expressed here belong solely to the author and do not represent the views and opinions of Crypto.News' editorial.
The recent Bybit hack, which led to the theft of $1.5 billion in digital assets, is a wake-up call for the whole crypto industry. The attack exploited vulnerabilities in multi-signature authorization and used user interface spoofing tactics, deceiving users into believing they were transacting with the right address when, in reality, the interface had been manipulated.
Even experienced crypto professionals can overlook these differences without rigorous examination. In the fast-paced environment of digital asset exchanges, these threats can easily go undetected. So what is the immediate solution?
Security is not just a feature; it is the foundation of everything we do. To strengthen our defenses, we must implement the following measures without delay:
1. MPC middleware audit
As soon as the multi-party computation (MPC) system receives an on-chain transaction request, it must validate the transaction against the dynamic ledger (the exchange database) to ensure the balances match. This is an immediate, automated step that exchanges can introduce to improve their ability to accurately confirm the identity of individuals.
In addition to ensuring that withdrawals receive the necessary review and audit, integrating these initial steps, which can identify potential threats at an early stage, is essential to mitigating the threat of high-value hacks.
2. Dynamic ledger verification
Dynamic ledger systems record the state of each transaction and run background audits after execution for absolute accuracy. Before approving any MPC withdrawal, the system must cross-check the ledger to confirm its legitimacy. These systems keep a trusted trail of each transaction, so they can be relied on to provide reliable results for any withdrawal that requires deeper investigation.
3. Post-approval audit
Each approved transaction must be reviewed to detect potential user interface spoofing attempts. This adds an additional layer of security and can prevent platforms from falling victim to sophisticated hacks, just as we saw with the Bybit incident.
Audits must then be run periodically, according to the volume of approved transactions. Implementing this process allows exchanges to constantly question the systems they have in place and to examine whether appropriate measures have been established to review transactions.
4. Threshold and round-robin approval
Implementing a threshold-based MPC approval system eliminates single points of failure. Exchanges are vulnerable if they rely on only a single system to prevent breaches, and the ability to spread this responsibility across the various branches of the organization will considerably improve resilience in the future.
In addition, round-robin approvals by treasury teams reduce insider threats and improve accountability. Involving several stakeholders in delivering secure transactions will ultimately reduce errors, whether accidental or deliberate, and will raise the standards each team member must meet.
5. Automated transaction audit
Risk-based scoring must be applied to each deposit and withdrawal request before approval, with high-value transactions undergoing manual verification to ensure proper reporting and accountability.
Real-time monitoring systems should analyze deposits and withdrawals, with automated checks for unusual spikes. Where necessary, large transactions should be verified manually with a full report. Each withdrawal must undergo a transaction audit score assessment before being processed.
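One way the pre-signing checks in measures 1, 2, 4 and 5 could fit together, as an added example that is not code from the article or from any exchange: the gate compares what the signers are actually asked to sign with the ledger record, independently of what any interface displays, then applies the approval threshold and a risk score. All names, thresholds, score weights and sample records are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class LedgerEntry:           # ledger record of a requested withdrawal
    destination: str
    amount: int              # smallest asset unit
    balance: int             # account balance according to the ledger

@dataclass(frozen=True)
class SigningRequest:        # payload the MPC signers are asked to sign
    request_id: str
    destination: str
    amount: int
    approvers: frozenset     # a set, so one person cannot count twice

THRESHOLD = 2                # assumed number of distinct approvers required
HIGH_VALUE = 1_000_000       # assumed high-value cut-off
MANUAL_REVIEW_SCORE = 50     # assumed score that forces manual review

def risk_score(entry, known_destinations):
    score = 40 if entry.amount >= HIGH_VALUE else 0
    score += 30 if entry.destination not in known_destinations else 0
    score += 20 if entry.amount * 2 > entry.balance else 0
    return score

def audit(req, ledger, known_destinations):
    """Return (decision, reasons): 'sign', 'manual_review' or 'reject'."""
    entry = ledger.get(req.request_id)
    if entry is None:
        return "reject", ["no ledger record for request"]
    reasons = []
    if req.destination != entry.destination:
        reasons.append("destination differs from ledger")
    if req.amount != entry.amount:
        reasons.append("amount differs from ledger")
    if entry.amount > entry.balance:
        reasons.append("amount exceeds ledger balance")
    if len(req.approvers) < THRESHOLD:
        reasons.append("approval threshold not met")
    if reasons:
        return "reject", reasons
    score = risk_score(entry, known_destinations)
    if score >= MANUAL_REVIEW_SCORE:
        return "manual_review", [f"risk score {score}"]
    return "sign", []

# Constructed sample data, not real addresses or accounts.
LEDGER = {"w-1": LedgerEntry("0xaaa1", 500, 10_000),
          "w-2": LedgerEntry("0xbbb2", 2_000_000, 5_000_000)}
KNOWN = {"0xaaa1"}
```

A request whose signed payload names a different destination than the ledger is rejected even if every approver saw the expected address on screen.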
6. Continuous cybersecurity training
Regular cybersecurity training for treasury teams is crucial, because security is only as strong as the people who enforce it. Investing resources to ensure that employees have the training they need to perform their role at the highest possible level is a worthwhile investment for crypto platforms and will strengthen long-term security.
Exchanges should also carry out simulated security exercises two to three times a month to assess response effectiveness. This allows companies to identify any potential weaknesses in processes or employee knowledge that can be addressed immediately, while giving the team practical experience in handling potential cyber threats in the future.
7. Comprehensive insurance coverage
All hot and cold wallets must be insured to improve operational security and risk mitigation. This protects the exchange itself and reassures investors that their assets have an additional layer of financial security.
The Bybit hack is a clear indication of the level of sophistication bad actors have reached in their attempts to orchestrate digital thefts. Consequently, offering insurance coverage is the right decision for exchanges, because the threats they face are constantly growing and evolving.
Prioritizing security, a key consideration
Security is a shared responsibility, and collaboration is essential to make this space safer for everyone. Strengthening security managers, investing in advanced technologies and staying ahead of potential threats should be a priority for organizations across the whole crypto ecosystem.
This communication is for informational and educational purposes only and is not financial, investment, legal or tax advice. The Fintech D24 group does not guarantee the accuracy or reliability of the information, including third-party content, if applicable, and is not responsible for any loss or damage arising from its use. Trading cryptocurrencies involves significant risks, including total loss of investment due to volatility, cybersecurity threats and regulatory changes. Users must do their own research, consult professionals and ensure compliance with local laws before trading.