Once again, the news is filled with debates and discussions about crypto exchange security after one of the exchanges, KuCoin, was compromised by hackers. According to Bybit’s CEO, this shouldn’t really come as a surprise to people because most of the cryptocurrency exchanges out there are vulnerable by design. Ben Zhou, the CEO, said that the whole point of failure is the exchanges themselves. Since these exchanges are centralized web applications, they are susceptible to the same security problems and issues as other websites. However, security is becoming of the utmost importance because traders and investors are increasingly giving responsibility to the exchanges for protecting funds.
Zhou said that most of the crypto exchange storage networks and servers use hot wallets for storing digital currencies. If proper protection is not used for these hot wallets, they are vulnerable to the risk of theft. According to Zhou, a cold wallet system is a more secure option because cold wallets, unlike hot wallets, are not connected to the internet, and it is that connection which exposes hot wallets to the risk of hacking. Cold wallets are not maintained online, and the only downside of these wallets is that you cannot use them for making huge withdrawals on the exchange right away.
As per Zhou, the highest priority on the agenda of every crypto exchange out there should be investing in security, particularly if they operate online. In order to battle potential hacking threats, it is also essential for exchanges to address those vulnerable areas and use several security layers for penetration testing. Moreover, whichever security system is used should also protect information at every single point of communication and interaction. This means all user data should be protected during account registration, logging in, trading, and any other communication with the platform.
The Bybit CEO said that this could be accomplished by using best practices for applying lifecycle management, hiring reputable and knowledgeable security consultants for testing the system, and running reward programs in the white hat community for identifying any potential loopholes. He also recommended that crypto exchanges work with renowned security firms for carrying out security audits, apply strict management processes, and invest in zero-trust architecture. The last one requires anyone trying to access the service to first be verified, as a means of potentially preventing internal and external data breaches.
He stated that there are numerous bespoke security solutions that can be found from third-party vendors and can be used by exchanges, but said that these would be developed in-house. According to Zhou, Bybit had invested significant resources in enhancing and developing its own security protocols and solutions. It is protecting its users’ funds by using a multi-signature cold wallet system. As far as combating potential threats of hacking is concerned, several red alert scenarios were organized and conducted by Bybit, along with bounty programs in the white hat community. This was done to ensure that the system didn’t have any vulnerabilities that could be exploited.