FSA to Cryptocurrency Exchanges: Improve Your Cold Wallet Security Protocols
The Financial Services Agency (FSA) of Japan is mandating cryptocurrency exchanges in the country to enhance security features on their cold wallet storage, Reuters reports, April 16, 2019. This directive comes as security experts warn that internally-orchestrated exchange hacks are becoming a clear and present danger.
FSA Urges Greater Security for Cold Wallet Storage
According to Reuters, an anonymous source close to Japan’s Financial Services Agency (FSA) stated that the regulatory body wants exchanges to beef up their internal security. The FSA also identified security protocols for cold wallets as a likely weak-point for many platforms.
For the FSA, many platforms in the country are not optimizing the security of their cold wallet storage. The anonymous source also highlighted an example where employees put in charge of administering the cold wallets weren’t rotated periodically.
The focus on cold wallet storage follows the restrictions placed by the FSA on the use of hot wallets by exchange platforms. This restriction emerged following numerous cyber attacks against Japan-based platforms leading to the theft of hundreds of millions of dollars in cryptocurrencies.
At the start of 2018, Coincheck, one of the country’s exchange platforms suffered a $530 million hack. This incident caused the FSA to adopt even stricter regulations as the Agency tried to lead the charge for more robust security and other operational protocols for cryptocurrency exchanges.
These stringent laws, however, forced platforms like Binance and OKEx to shutter their operations in the country in favor of friendlier climes like Malta. Many exchanges had initially moved to Japan after China outlawed trading and initial coin offerings (ICOs) in September 2017.
Cryptocurrency Exchange Hacks: Rising Threat of Inside Jobs
Part of the Q4 2018 report released by CipherTrace, a blockchain security firm, stated that the threat of internally planned attacks on virtual currency was rising.
In March 2019, reports emerged of another Bithumb hack less than a year after hackers stole $30 million from the same platform. While announcing the hack, the South Korea-based cryptocurrency exchange alluded to the attack being the work of “internal actors.”
This singular admission alone brings up a new dilemma in the quest to create safe storage of cryptocurrencies on exchanges. Bithumb is one of the largest virtual currency exchanges in South Korea along with Coinone, Upbit, and Korbit – all four collectively known as the “big four.”