ICORating, a rating agency that does independent analytical research, evaluating ICO projects, and assigns them the rating, published exchange security on October 2nd, 2018.
The report stated that over the last 8 years about 31 cryptocurrency exchanges have been hacked and about $1.3 billion were stolen. The security report examines the potential reason for exchange hacks, based on four parameters:
> Code errors
> User account security
> Registrar and domain security
> Web protocol security.
According to the statistics, Coinbase Pro has a score of 89, based on the parameters and stands in the #1 ranking, it is followed by Kraken with 80 scores. For the purpose of presenting the report exchanges whose daily trade value exceeds $1 million were selected and the total number of exchanges on the list is 100.
Among other cryptocurrency exchanges was Zaif, the Japanese cryptocurrency exchange which was recently hacked. The exchange lost up to $60 million worth of cryptocurrencies in the hack, the hack was found after a brief survey was conducted following a disturbance in deposits and withdrawals. In the report, it came in at #89 rank with by scoring just 29 points. It was one among the two exchanges that did not satisfy any of the four parameters completely, the other being OKCoin in the #100 ranking.
In terms of coding errors which could lead in the malfunctioning of some systems that might lead user data loss, the report discovered that 32% of exchanges have code errors.
For other parameters are:
User account security; only 46% of exchanges meet all four parameters (creating a password, password with either digits or letters alone, email verification, the presence of two-factor authentication).
Registrar and domain security; only 4% of exchanges are using best practices like registry lock which prevents anyone from making changes to the domain and role accounts, protects individuals in your organization from being targeted by attackers.
At present, more than 200 cryptocurrency exchanges are working and hack of one exchange would not affect the market on a large scale. Furthermore, many countries already have a cryptocurrency regulation in place to scrutinize the security aspects of cryptocurrency exchanges, and yet traders are not completely shielded from the loss of their cryptocurrency assets. These losses could be blamed to the lack of security measures that cryptocurrency exchanges have apply.
“Over the years, digital thieves have stolen millions of dollars’ worth of
cryptocurrency from various exchanges. Transactions and assets are not
secured in any way, which makes investing in cryptocurrencies really hazardous. The largest cryptocurrency exchanges contain vast amounts of digital cash. These facts are really attractive for hackers,” the report mentioned.
Exchanges like Mt.Gox, Bitcoinica, PicoStocks, Bitcurex have been victims of multiple hucking in the past.
Mt. Gox which was the world’s largest bitcoin exchange handling 70% of the world’s bitcoin transactions, in 2014 declared that approximately 850,000 bitcoins belonging to customers and the company were missing and likely stolen, an amount valued at more than $450 million then. The reasons for this hack are connected to a lack of security testing policy