Thoughts on Security: Hackers Never Take Breaks, We Never Stop Evolving

Johnny Lyu
Published in kucoinexchange, May 10, 2019

Yesterday in the noonday sunshine and breeze of spring, I was walking down the main street of Gangnam-gu, Seoul’s upscale, modern center, which is full of skyscrapers, designer brands and stylish nightclubs.

Oh, I was just out of one meeting and headed to the next one; it had nothing to do with the luxury life here in Gangnam.

Coming towards me were small groups of people my age: ladies with fine make-up and nice outfits, gentlemen suited up with nice ties, looking cheerful and relaxed.

“People always look so happy during lunch break.” My Korean friend must have spotted my envy. But wait, I actually quite doubted that everyone had a nice lunch break on Tuesday; I’d bet some had a rather upsetting lunch that day.

At 1:15 am Hong Kong time on May 8, which would be 1:15 pm on May 7 (Tuesday) for New Yorkers, Binance announced a massive attack that cost it 7,000 bitcoins, or roughly US$41 million.

How could that lunch break possibly be joyful?

The good news is that the world’s largest crypto exchange didn’t plan to dodge the multi-million US dollar compensation, which it could perfectly afford. But that’s not the case for everyone.

We still remember Mt. Gox in 2014, when its dominance of the crypto world suddenly collapsed after the exchange was hacked and 850k BTC — equal to US$12 billion — were stolen.

Mt. Gox was not the only crypto exchange that went bankrupt due to a security breach. In late 2017, Korean exchange Youbit also failed its investors and users with a loss of 17% of its crypto assets due to a “hacker attack”.

And just two months later, in January 2018, Coincheck, then the biggest Japanese crypto exchange, was attacked and some US$530 million worth of NEM was transferred out, causing a 20% shrink of the coin’s market cap in five hours and leading to a drastic drop across the world’s crypto market.

Indeed, the latest Binance case is not, and will not be, an isolated case. Post-attack compensation is a must, but precaution is no less vital.

According to Chains Guard Technology, a Beijing-based security solution provider, the Binance hack was very likely attributable to an Advanced Persistent Threat (APT) against the exchange’s internal network.

Hold on a second, what the heck is APT?

Just as its name suggests, an APT attack isn’t carried out overnight. In plain English, it’s a long-term, continuing attack against a specific target by advanced hacking means.

What’s so “advanced” about APT?

Just imagine, how could a malicious program manage to continuously sneak into a well-protected system and collect the sensitive information without alarming the system — and sometimes its external guard system — then sneak out and finally conduct the massive hacking on the D-day?

The villain program might have stayed undercover for weeks, even months. Pretty advanced, huh?

One could argue that the exchange’s centralized system is mainly to blame. True. Who wouldn’t want a decentralized exchange, which is solid in scalability, security and privacy?

The good news is that there are teams heading that way, aiming at visionary and futuristic goals but making progress realistically and pragmatically. KuCoin’s second Spotlight project, Trias, is one of those dedicated teams.

In line with today’s topic, let’s briefly look at Trias’ take on security.

To make it easier to understand, we can interpret it as a derivative of the Trusted Execution Environment (TEE). Great, what on earth is TEE? The short answer is, Apple is TEE.

More accurately, the data collecting, protecting and utilizing technology Apple applies is TEE. For instance, when an iPhone user logs into his/her phone with a fingerprint, which is obviously sensitive information, the machine itself doesn’t touch the data; rather, it sends the data to some secure place for further storage and utilization. That place is the trusted environment.

It’s not very hard to tell that, given that TEE greatly relies on hardware, each system/brand is relatively isolated.

In the current blockchain world, isolation is not rare either. That’s why there are dozens of projects working on cross-chain solutions.

Based on TEE, the Trias team has come up with a universally-adapted framework — an infrastructure system that supports TEE nodes. That said, the Trias network significantly hedges the potential security risk from the very beginning.

With that, the nodes, in spite of each one having its own TEE system, would be able to validate their peers’ credibility and deliver the validation results among all the nodes via a gossip protocol. With infinite iterations, the “most-unlikely-to-be-dishonest” node will be screened out and shoulder the responsibility to issue smart contract programs. That will ultimately lead to an efficient but secure computing environment.

On top of the above two layers, there’s the third layer, a localized TEE for contract execution.

Together, this is Trias’ Leviatom computing system, which will provide a unique program whitelist (in contrast to the malicious programs) for each node. The whitelist would be able to detect and prevent hacking programs from sneaking in, which would effectively protect a system (an exchange trading system in this case) from being attacked by means like APT.
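The peer validation, gossip and whitelist steps described above can be sketched as a small simulation. This is an added example, not Trias’ Leviatom code: the `Node` class, the SHA-256 “measurement” standing in for a hardware-signed TEE measurement, the ring gossip schedule and all sample program names are assumptions made for illustration.

```python
import hashlib

def measure(program: bytes) -> str:
    # Stand-in for a hardware-signed TEE measurement: SHA-256 of the program image.
    return hashlib.sha256(program).hexdigest()

# Constructed sample whitelist of approved program measurements.
WHITELIST = {measure(b"matching-engine v1"), measure(b"wallet-signer v1")}

class Node:
    def __init__(self, name, programs):
        self.name = name
        self.programs = programs   # program images this node actually runs
        self.verdicts = {}         # (verifier, target) -> bool, merged via gossip

    def attest(self, peer):
        # A peer is credible only if every program it runs is on the whitelist.
        ok = all(measure(p) in WHITELIST for p in peer.programs)
        self.verdicts[(self.name, peer.name)] = ok

    def gossip_to(self, peer):
        # Push every verdict this node knows; merging is a dict union.
        peer.verdicts.update(self.verdicts)

def run_network(nodes):
    for n in nodes:                      # each node validates all of its peers
        for p in nodes:
            if p is not n:
                n.attest(p)
    # Deterministic ring schedule in place of random peer choice, so the
    # result is reproducible; len(nodes) rounds is enough to converge.
    for _ in range(len(nodes)):
        for i, n in enumerate(nodes):
            n.gossip_to(nodes[(i + 1) % len(nodes)])
    return nodes

def trust_scores(node):
    # Share of positive verdicts about each target, from this node's view.
    totals = {}
    for (_, target), ok in node.verdicts.items():
        good, seen = totals.get(target, (0, 0))
        totals[target] = (good + int(ok), seen + 1)
    return {t: good / seen for t, (good, seen) in totals.items()}

def most_trusted(node):
    scores = trust_scores(node)
    return max(sorted(scores), key=scores.get)   # ties broken by name

def demo():
    clean = [b"matching-engine v1", b"wallet-signer v1"]
    nodes = [Node(n, clean) for n in "ABC"]
    nodes.append(Node("D", clean + [b"unlisted-collector"]))  # not whitelisted
    return run_network(nodes)
```

After `demo()`, every node holds the same twelve verdicts, and the node running the unlisted program scores 0.0 from every peer’s point of view.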

So, you see, failures — regardless of how expensive they are — couldn’t and shouldn’t stop us and the industry from evolving.

The point is that we learn from each other; we cover each other’s ass.

Johnny Lyu

KuCoin Co-founder & VP, doubles as the partner of KuCoin’s investment affiliate Phoenix Global Capital, blockchain frontrunner, investor and advisor.