Fintech CEO: Hacked Google Cloud Accounts Leave Crypto Custody Questions

  • Cloud
  • 03.12.2021 08:00 am

Google recently released a Threat Horizons Report which is supposed to help organizations improve security and keep their cloud secure. The report noted that 86% of 50 recently compromised Google Cloud accounts were then used to mine cryptocurrency. A majority downloaded cryptocurrency mining software less than a half minute after being hijacked.

“Cryptocurrency mining is computationally intensive, and that leaves bad actors scrambling for ways to access that computing power. Any time there is value, there will be bad actors. These crypto scams are the modern-day version of ripping off armored stagecoaches delivering gold. If you recall, Wells Fargo and others, back in the day, were known for their armed guards and detectives. James Hume, a former El Dorado County Sheriff, managed Wells Fargo risk for several decades, using cutting edge practices, including what we might call extremely early ballistics comparisons and mugbooks, which compiled photographic evidence of scoundrels of the day. Anything of value will always inspire bad actors. It is up to those protecting the assets to employ the best available resources to thwart the criminals in their tracks,” said Richard Gardner, CEO of Modulus, a US-based developer of ultra-high-performance trading and surveillance technology that powers global equities, derivatives, and digital asset exchanges.

“Malicious actors were observed performing cryptocurrency mining within compromised Cloud instances,” Google wrote in an executive summary. Notably, most of the Cloud Accounts which weren’t used to mine cryptocurrencies were utilized to identify vulnerable systems.

“When you think about cryptocurrency, if it is worthwhile to take advantage of weak security practices in Cloud services in order to mine them, can you imagine the payoff to hack into an exchange or custody service to actually steal the assets? Especially when we’re talking about institutional investors which may be sitting on hundreds of millions of dollars’ worth of digital assets. I think this Google report should be a reminder to all of us that there is extreme value in cryptocurrencies, and that value will always encourage bad actors,” said Gardner.

“Practically, that means that we must be ever-vigilant against malfeasance. For a long time, we’ve been talking about the need for exchanges to prioritize security, but as custody providers begin to gain steam, I think we should be equally insistent that the custody sector is as secure as possible. I mean, when you have an industry leader named in a lawsuit which alleges that they are responsible for the loss of $70 million in digital assets, it doesn’t inspire confidence. I think it is reasonable for folks to look at the current picture and say, ‘Yeah… custody definitely needs a reboot,’” Gardner said.

Modulus is known throughout the financial technology segment as a leader in the development of ultra-high frequency trading systems and blockchain technologies. Modulus has provided its exchange solution to some of the industry’s most profitable digital asset exchanges, including a well-known multi-billion-dollar cryptocurrency exchange. Over the past twenty years, the company has built technology for the world’s most notable institutions, with a client list which includes NASA, NASDAQ, Goldman Sachs, Merrill Lynch, JP Morgan Chase, Bank of America, Barclays, Siemens, Shell, Yahoo!, Microsoft, Cornell University, and the University of Chicago.

“Whether you’re looking at exchanges themselves or the custody providers which are supposed to keep assets safe, or even tangentially related targets, like Cloud accounts utilized to mine digital assets, I think we’re at a point where the industry must demand better. In order to fully turn the corner so that every investor is comfortable with having a crypto component in their portfolio, the industry must always be three steps ahead of bad actors and their malfeasance. That’s where we’re at. Exchanges and custody providers must be expected to remain on the cutting-edge of technology,” said Gardner.

Related News