Crypto exchange security is once again in the news after hackers breached KuCoin. But this shouldn’t surprise people as exchanges are vulnerable by design, according to Bybit CEO Ben Zhou.
Zhou told Cointelegraph that exchanges act as a single point of failure. As centralized web applications, exchanges are susceptible to the same security issues as all other websites.
Security becomes even more important as investors and traders increasingly hold exchanges responsible for protecting funds.
The vast majority of crypto exchange servers and storage networks, Zhou said, keep digital currencies in hot wallets. If hot wallets are not properly protected, they are open to theft. Zhou thinks that a cold wallet system is more secure since hot wallets are connected to the internet, making them more vulnerable to hacking. Cold wallets, on the other hand, are not connected to the internet. The only downside is not being able to make large withdrawals from an exchange immediately.
According to Zhou, investing in security should be one of the highest priorities on an exchange platform’s agenda, especially if it operates online. To combat potential hacking threats, exchanges also need to better address vulnerable areas and apply multiple security layers for penetration testing.
Any security system should also protect information across all points of interaction. This means protecting user data during account registration, login, trading, and any other exchange of information with the platform. Zhou added that:
“This can be accomplished by applying best practices for application lifecycle management, hiring knowledgeable and reputable security consultants for penetration testing and running bounty programs within the white hat community to identify any potential vulnerabilities.”
Zhou also recommends cryptocurrency exchanges work with reputable security firms to carry out security audits, apply strict management processes, and invest in zero-trust architecture. Zero-trust…