Securing blockchain-based cryptocurrencies with Centrify Zero Trust Security for identities
David Geer
Blockchain and cryptocurrencies are relatively new technologies. The blockchain is a shared digital record book of transactions. It has many advantages such as transparency, fast settlements, and innate proof of transaction validity. Blockchain has many potential applications. It is the default underlying technology behind almost all cryptocurrencies (there is an exception to the rule in IOTA).
Except for IOTA, cryptocurrencies are “digital assets tied to the value of a particular blockchain protocol.” Though you can use a blockchain for applications other than cryptocurrencies, all cryptocurrencies that you base on blockchains link inextricably to their corresponding blockchain protocols.
Successful identity hacks have cost blockchain-based cryptocurrency companies and their customers millions. Hacks involving cryptocurrencies demonstrate that attackers compromised account credentials as a significant part of the intrusion process. Centrify Zero Trust Security for identities safeguards cryptocurrency accounts and credentials.
Compromised credentials are crucial to cryptocurrency exchange hacks
There are multiple examples of cryptocurrency hacks involving infiltrated identities and credentials. These credentials have included employee and systems administrator username and password combinations, which are the same kinds of credentials that Centrify identity security protects.
Last August, for example, hackers conned $500K in Ethereum cryptocurrency from users who bought into the bogus Enigma crypto-exchange crypto-token sale. Hackers gained control of the Enigma website using compromised accounts to pull off the con.
To grab the company accounts, attackers tried passwords they found in online dumps from other attacks, assuming that employees reused the same passwords or slightly altered versions as part of their Enigma credentials. Keeping the same password is a common practice for users since multiple passwords are hard to remember. Using brute force attacks that rapidly inject virtually countless username and password combinations, hackers were ultimately able to log in to the cryptocurrency exchange.
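The pattern described above, many username and password combinations tried in quick succession followed by one success, leaves a recognizable trace in authentication logs. The following Python detector is an added example, not part of the original article or of any Centrify product; the log format, the thresholds and the function name `detect_stuffing` are assumptions, and the log lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample auth log (not from any real incident): time, source IP, user, result.
SAMPLE_LOG = """\
2024-01-10T08:00:01 192.0.2.5 bob FAIL
2024-01-10T08:00:02 192.0.2.5 carol FAIL
2024-01-10T08:00:03 192.0.2.5 dave FAIL
2024-01-10T08:00:04 192.0.2.5 erin FAIL
2024-01-10T08:30:00 192.0.2.5 bob OK
2024-01-10T09:00:01 203.0.113.7 alice FAIL
2024-01-10T09:00:02 203.0.113.7 bob FAIL
2024-01-10T09:00:03 203.0.113.7 carol FAIL
2024-01-10T09:00:04 203.0.113.7 dave FAIL
2024-01-10T09:00:06 203.0.113.7 admin OK
2024-01-10T09:01:00 198.51.100.20 alice FAIL
2024-01-10T09:01:20 198.51.100.20 alice OK
"""

def detect_stuffing(log_text, window=timedelta(minutes=5), min_fails=4, min_users=3):
    """Flag a successful login that follows a burst of failures against many
    different accounts from the same source IP (thresholds are assumptions)."""
    recent = defaultdict(deque)  # ip -> (timestamp, user) failures still inside the window
    alerts = []
    for line in log_text.strip().splitlines():
        ts_raw, ip, user, result = line.split()
        ts = datetime.fromisoformat(ts_raw)
        fails = recent[ip]
        # Drop failures that have aged out of the sliding window.
        while fails and ts - fails[0][0] > window:
            fails.popleft()
        if result == "FAIL":
            fails.append((ts, user))
            continue
        # A success: alert only if it comes right after a multi-account failure burst.
        tried = {u for _, u in fails}
        if len(fails) >= min_fails and len(tried) >= min_users:
            alerts.append({"ip": ip, "account": user, "time": ts_raw,
                           "failures": len(fails), "accounts_tried": len(tried)})
    return alerts

if __name__ == "__main__":
    for alert in detect_stuffing(SAMPLE_LOG):
        print(alert)
```

Only the 203.0.113.7 login is flagged: the 192.0.2.5 failures have aged out of the window by the time of its success, and the single mistyped password from 198.51.100.20 stays below both thresholds.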
In December of last year, NiceHash, the crypto-mining marketplace that buys and sells computer processing power for mining cryptocurrency, suffered a hack. The compromise cost NiceHash and its customers about 4,465 bitcoin when attackers stole administrator-level credentials, which gave them access to the bitcoin.
Other notable cryptocurrency hacks that cracked credentials include the Bitstamp hack. Attackers phished six Bitstamp employees and eventually succeeded in fooling one of them, stealing credentials belonging to a Bitstamp systems administrator. Hackers used the system admin’s account to log on to a hot wallet at Bitstamp and take 18,000 bitcoins.
How Centrify Zero Trust Security for identities can protect access to cryptocurrencies supported by blockchain
Centrify Zero Trust Security checks, challenges, and confirms cryptocurrency user identities at every point of potential compromise throughout the identity lifecycle. Zero Trust Security permits access and privileges for known identities only after verifying that they are connecting from an approved location, using an enrolled device. Zero Trust Security follows and observes users, applying machine learning techniques to understand their behavior based on their data, devices, and activities.
On suspicion of misuse or misappropriation of an identity, Zero Trust Security challenges the user through multifactor authentication (MFA). MFA adds layers of identity checks for security and counters weak passwords like those used in hacks of blockchain-based cryptocurrencies. One factor of authentication requires the hacker to know what the legitimate user knows, such as answers to security questions.
Another factor demands that the hacker have what the legitimate user has in their possession, such as a one-time passcode delivered directly to their smartphone. In still another element of re-authentication, the hacker must be the user, with biometric proof of identity. When the hacker fails to authenticate, Zero Trust Security blocks the identity.
Even if hackers were able to gain control of the identities in the Enigma, NiceHash, and Bitstamp hacks, Zero Trust Security would have disabled the accounts. Once hackers exhibited behaviors such as funneling out all the cryptocurrency or changing the content of the company website—part of the ploy in the case of the Enigma hack—Zero Trust Security could have blocked that behavior and mandated the further authentication steps.
Stolen credentials and the continually changing face behind the identity mask
With hackers pilfering almost a quarter-million web login credentials every week, according to Google, it’s no wonder Zero Trust Security, the only way to secure identities that are constantly changing hands, is making a comeback. Zero Trust Security limits risky passwords, over-privileged accounts, and lateral movement inside your network, canceling stolen credentials before they commit breaches and theft and do damage.