Exclusive interview with Yeo Siang Tiong, General Manager, South East Asia at Kaspersky: Part 1
Kaspersky has been a forerunner in managing cybersecurity threats in the cryptocurrencies and blockchain sector. In their “The Kaspersky’s Cryptocurrency Report 2019” issued earlier in June, 74% of respondents do not have a thorough understanding of how cryptocurrency works and 19% of them experienced exchange hacks. To gain an in-depth understanding of the state of cybersecurity in cryptocurrencies, we arranged an interview with Yeo Siang Tiong, General Manager, South East Asia at Kaspersky regarding the solutions provided by Kaspersky in mitigating cybersecurity risks in token offerings, crypto exchanges and mining. We explore how hackers exploit vulnerabilities of security during pre-sale and post-offerings of token sale and how Kaspersky can provide investor protection in 7 ways.
Can you share with us the main types of cybersecurity attacks in blockchain? Regarding token offering security, what are the cybersecurity threats during pre-sale and post-offering of token offerings?
In the crypto-economy, there are two kinds of attacks: attacks that focus on the blockchain core system and those that focus on the IT cybersecurity system where blockchain projects are hosted on.
We found that hackers generally stay away from exploiting vulnerabilities in cryptocurrencies because of how difficult they are to hack. They also rarely attack wallets directly. Usually, crypto-exchanges are a key area of focus for cybercriminals, given that they host huge volumes of crypto-funds and are mostly centralized applications. Typical threats for such applications include backdoors, embedded at the development stage, web vulnerabilities such as cross-site scripting (XSS), where malicious scripts are injected into otherwise trusted websites, and social engineering attacks such as phishing.
Another focus area for hackers also occurs during the process of crypto-fundraising, which is associated with a variety of threats at every stage – from product development and the ICO/IEO/STO announcement to the end of a token sale. While communicating with the public about a planned ICO/IEO/STO and the release of a draft whitepaper, hackers can be gathering information about the project and its team. They develop social engineering attacks, probing the team with malware, phishing, and social engineering. The hackers may try to penetrate the project and inject malicious code into its source code. When it comes to launching a website for an ICO/IEO/STO, there may be attempts to disrupt its work with DDoS attacks. Hackers may launch a phishing website or send fake or phishing announcements to your investors.
The largest attacks are often due to flaws in smart contracts. They can either disrupt transactions or be exploited by hackers. In addition to smart contract vulnerabilities, the product itself may be exposed to APTs, targeted attacks, or supply-chain attacks, and this could result in the theft of customers’ personal and financial data as well. Hence, while blockchain technology is fundamentally secure, we need to remain vigilant and address cybersecurity issues pertaining to the blockchain core system as well as the traditional IT system that hosts websites and customer data.
What is the role of Kaspersky Penetration Testing and Kaspersky Anti Targeted Attack in detecting smart contract vulnerabilities during a token sale?
Token sales raise billions of US dollars every year. This market has been actively growing for several years and is likely to continue to do so. However, the popularity of Token Sales procedures, including ICOs, IEOs, and STOs, makes them a prime target for fraudsters and other criminals.
One such solution to protect token sales from various types of threats is Kaspersky Penetration Testing. It is a practical demonstration of possible attack scenarios where a malicious actor may attempt to bypass security controls in a corporate network to obtain high privileges in important systems. This will give a greater understanding of security flaws in infrastructures, revealing vulnerabilities, analyzing the possible consequences of different forms of attack, evaluating the effectiveness of your current security measures, and suggesting remedial actions and improvements.
Based on leading security intelligence and advanced machine learning technologies, Kaspersky Anti Targeted Attack Platform combines network data, sandbox, and intelligent analysis to correlate incidents, search for indicators of compromise and attacks, and help uncover the most complex targeted attacks. Connecting up the various pieces of an incident provides a comprehensive view of the entire attack chain, increasing confidence in assigned threat scores and reducing false positives to zero.
The Kaspersky Anti Targeted Attack Platform includes three areas:
Multi-layered sensor architecture – to give ‘all-round’ visibility. Through a combination of network, web, and email, and endpoint sensors, the Kaspersky Anti Targeted Attack Platform provides advanced detection at every level of your corporate IT infrastructure.
Advanced Sandbox – to assess new threats. The result of over a decade of continuous development, our Advanced Sandbox offers an isolated, virtualized environment where suspicious objects can be safely executed so their behavior can be observed.
Powerful analytical engines – for rapid verdicts and fewer false positives. The Targeted Attack Analyzer assesses data from network and endpoint sensors and rapidly generates threat detection verdicts for the security team.
Can you share with us Kaspersky’s solutions regarding investor protection?
In the crypto-economy, trust and assurance are essential to building up your customer base.
Kaspersky’s comprehensive solution is designed to protect token sales from various types of threats related to vulnerabilities in smart contracts and web platforms. We provide thorough code reviews, phishing detection, incident response, and education for staff.
Businesses can protect investors through this multi-pronged approach:
Perform an Application Security Assessment that analyses the state of security of applications (be it a decentralized or a traditional one);
Conduct Penetration Testing to identify weak spots in their systems and to ensure that hackers won’t penetrate them easily;
Initiate a Smart Contract Code Review that identifies flaws and undeclared features, as well as finds discrepancies between stated in the supporting documentation and smart-contract business logic;
Employ User Account Takeover Prevention to detect attempts from criminals to get access to user wallets;
Put in place Phishing Protection to provide alerts when phony copies of your website are generated;
Set up an Incident Response service and organize Cybersecurity awareness training to improve the overall level of cybersecurity hygiene;
Empower your system through real-time threat intelligence
Besides, assessing blockchain threats with the same – If not higher – the level of digital scrutiny, becomes imperative in safeguarding both the reputation of blockchain’s immutability and prevention of long-term consequences to compromised crypto-businesses.
Furthermore, acquiring a successful security assessment is an indicator that a business is offering a high quality/product solution/product. This helps to reassure customers that your solutions were robust enough to withstand any cyber-attacks.