As digital currencies continue to grow in popularity and value, they are also becoming an increasingly tempting target for cybercriminals due to the anonymous and irreversible nature of cryptocurrency transactions. The amount stolen over the past 4 years alone in crypto attacks and hacks has reached the $10-billion mark.
Given the scale of the problem, a growing number of companies are entering the blockchain and security space – it is currently the fastest growing space in cybersecurity. With $7 billion raised already in 2018, the value of vulnerable currency is increasing.
Sentinel Protocol is a company that aims to create a secure ecosystem for cryptocurrency using blockchain’s own distributed peer-to-peer nature to fight back against hackers and groups 'phishing' for information and security codes. To find out more about the approach the security startup is taking in protecting the cryptocurrency space, as well as to provide insights on the threat landscape and increasing need for crypto asset security, CSA interviewed John Kirch, Chief Evangelist at Sentinel Protocol.
The following is the full transcript of the email interview.
CSA Editor: What are some of the biggest cryptocurrency/blockchain security challenges today?
John Kirch: During recent years, over two billion USD of crypto tokens have been hacked. There have been attacks on wallets, exchanges, smart contracts, network nodes, web applications, and domain name systems (DNS). Blockchain’s DAPPs and connected applications lack adequate cyber security safeguards.
Today there are three big cyber security issues facing the average cryptocurrency user. The first issue is that ordinary blockchain users are exposed to phishing, malware, fraud and scams far too easily. The second issue is that whilst attackers can frequently and easily identify potential victims and the software tools and their versions that we are using, we unfortunately cannot easily identify bad actors as they prepare to launch their grisly attacks on our crypto assets or even after we have suffered damages. The third issue is that individuals and the organizations who suffer damages generally bear the sole responsibility for resolving the damages and finding a solution to prevent the same attack in the future – there is no organization to which they can turn for cyber security tools and consulting services for mitigating cyber security attacks or for seeking the recovery of their stolen crypto assets.
As today’s conventional cyber security tools fail to address the above issues, it is clear that we urgently need cyber security tools and technical support services to protect the crypto assets of individuals and organizations from hacks, scams, and fraud.
CSA Editor: How is cryptocurrency security different from securing conventional forms of online transactions, exchanges or wallets?
John Kirch: Conventional online transactions, exchanges, payment systems, and wallets have centralized management and control; transactions are between “trusted” parties, not anonymous ones; and transactions are generally private, i.e. they are openly shared with unknown third parties. With conventional computer systems, most have a centralized design; thus, they have points of failure; and modification of historical transactional data can be done without difficulty once read/write access to the datafile has been achieved. In the decentralized crypto-world, many crypto exchanges, payment systems and wallets are connected to the blockchain, not a conventional computer network. The blockchain is a decentralized network allowing peer-to-peer transactions without centralized organizational control; transactions are frequently done anonymously, “trustless” or “distributed trust”, without knowing the real identity of the other party by leveraging consensus algorithms; and the blockchain ledger of past transactions is distributed and stored on each network node. Furthermore, there is no single point of attack - blockchain offers operational resilience; and transactions written to the blockchain are immutable, i.e. data written to the blockchain ledger is very difficult to alter or delete.
With a blockchain-based reputation system, if there is a cyber security attack on the blockchain’s distributed ledger, the decentralized architecture of the blockchain provides a natural deterrence to DDOS attacks and network fragmentation.
However, a blockchain-based system relies on trust and reputation measuring the quality of information. An attack by a rogue actor, a Sybil attack, cannot be easily detected and defeated by a blockchain with the basic blockchain capabilities since a bad actor who has previously accumulated trust and reputation could authorize a transaction. However, by using the power of collective intelligence and a consensus mechanism involving others, that weakness can be successfully eradicated.
CSA Editor: In cases of crypto hacks or attacks, is it possible to retrieve what has been stolen and return it to the victims, or are stolen crypto assets completely untraceable?
John Kirch: New blockchain-based applications are constantly being developed and brought to market; however, we still have no international notary system that can be used to investigate and confirm whether specific crypto tokens have been stolen. This will be true as long as hackers can trade stolen crypto tokens anonymously by tumbling, mixing, or utilizing anonymous coins.
Today with credit and debit cards, once a stolen credit card has been reported, credit card companies can detect the use of stolen credit cards and block their use. Similarly, with hacked crypto coins, it is possible to build and deploy systems that can serve to detect and alert a financial services provider or a wallet holder of stolen coins in a proposed transaction. Even with anonymous coins, there are software technologies that have been designed to detect and trace the use of anonymous coins. By detecting the presence of stolen crypto coins, it is possible to block the use of the stolen crypto assets and prevent their conversion to a fiat currency or to a different cryptocurrency. By having the ability to detect stolen cryptocurrencies, regulations related to the trade of stolen crypto assets can be enforced, and the costs associated with hacking cryptocurrencies would increase significantly.
Let me provide an example. A hacker named Roger has a wallet containing stolen cryptocurrencies that he hacked from various victims. Before cashing, he distributes coins to various sub-addresses to avoid future efforts to trace the flow of the crypto coins. The distribution to sub-addresses is made possible by the design of the cryptocurrency wallet that he is using. Alice was one of Roger’s victims. As soon as Alice finds out her crypto assets have been stolen, she could report it to us using our Sentinel Portal. The Sentinels, a group of trusted security experts, would then confirm the hacking incident, and register details of the hacking incident case into our Threat Reputation Database (TRDB). Sentinel Protocol has the capability to automatically track all sub-addresses associated with a transaction’s original registered addresses. Sentinel Protocol then shares details of the hacking incident with leading cryptocurrency services around the world including the crypto exchanges that have not integrated Sentinel Protocol into their systems.
Thus, if Roger were to attempt to convert the stolen crypto, each crypto exchange that had integrated Sentinel Protocol into their systems or had been notified of the hacking incident would be able to generate a high priority alarm – the alarm will serve to cut off any chances for hacker Roger to trade or monetize the stolen coins. With the systems deployed at current crypto exchanges, it would not be easy for Alice to obtain the return of her stolen crypto coins since there is a lack of communications or shared data between the world’s judicial systems and countries. By notifying Sentinel Protocol of the hacking incident, the details of a hacking incident could be shared with leading crypto service providers worldwide. In this manner, Sentinel Protocol could become commonly used by organizations globally to detect stolen crypto coins and to enable compliance with legal regulations and laws.
CSA Editor: What is Sentinel Protocol’s approach in tackling today’s growing crypto threats?
John Kirch: Sentinel Protocol’s overall approach is to provide a cyber security ecosystem of software solutions for protecting the valuable crypto assets of individuals and organizations and to complement those software solutions with professional support services including: suspicious incident analysis, vulnerability analysis, network scanning, and perhaps other services in the future – these services would be provided by a group called the Sentinels. The Sentinels are a group of individuals, security experts, organizations, including ethical hackers, who will be providing consulting services to Sentinel Protocol’s users; and in consideration for their security contributions, the Sentinels will receive attractive incentives and rewards. Sentinel Protocol provides financial rewards for collective intelligence contributions from ethical hackers and security vendors.
Unlike the past, there will be clear incentives to share security knowledge and data. For tackling today’s growing crypto threats, the Sentinel Protocol will provide a crowdsourced threat intelligence platform, running on the blockchain, that will leverage blockchain’s consensus and incentive system. Sentinel Protocol will collect, analyze, and validate information related to phishing, malware, hacks, scams, and fraud in real-time to develop the data needed to protect crypto assets; we will then leverage our Threat Reputation Database (TRDB) to share our Collective Security Intelligence via APIs to varying types of endpoints used by crypto exchanges, payment systems, wallets and other systems to protect crypto-assets and to equip our users with a pro-active cyber security defense. In addition, we will provide a secure wallet, named S-Wallet, that will serve to filter threats and attacks, machine-learning based, for detecting new, emerging threats and attacks, along with a distributed sandboxing system for detecting zero-day attacks, malware, and advanced persistent threats (APTs).
CSA Editor: Does Sentinel Protocol have a presence in Southeast Asia? What are some of the company’s activities or plans in this region?
John Kirch: The headquarters for Sentinel Protocol are located in Singapore, and we have branch offices in Seoul, South Korea and Tokyo, Japan. Throughout the Asia/Pacific region, Europe, and the United States, we have numerous, varying types of technology partners. In terms of activities, we are actively participating in leading blockchain events throughout the region and working to build incremental strategic partnerships aimed at optimizing the value and capabilities of Threat Intelligence Platform for protecting crypto assets. In addition, we have online Telegram-based communication channels with our community in Chinese, English, Japanese, and Korean.
In the future, we plan to focus significant resources on building a strong presence in key Asian markets including Japan, Singapore, and South Korea while also supporting and assisting other markets expressing a strong interest in our technologies. We will also be working with our Partners to help and assist them in their efforts to integrate our cyber security solutions with crypto exchanges, payment systems, and wallets. Furthermore, we will be conducting campaigns to recruit individuals, security experts, organizations, and White Hat hackers to join the Sentinels. Finally, we will continue our efforts to recruit well-qualified, ambitious security professionals to join our dynamically expanding team to help power our future growth and success focused on satisfying the security needs and requirements of our users and partners.