TechRisk Notes#40: FTX's lax security and its chaotic night
Plus, South Africa's cloud concerns, HTX's attacker returns the loot, a South Korean crypto exchange faces increased attacks, and more!
TechRisk Reading Picks
South Africa’s Cloud concerns: South African executives are highly concerned about cloud security, as revealed in a survey of 500 CTOs, Directors, C-suite respondents, and business owners. 89% of these leaders in South Africa consider cloud security a major worry. They are facing obstacles in cloud adoption, particularly in the areas of cybersecurity (37%) and a lack of technical skills (39%), which hinders their ability to leverage the cloud's benefits. Interestingly, South Africa places a greater emphasis on basic security risks, while more mature markets focus on higher-level threats. The country's cloud computing market is rapidly expanding, thanks to the presence of major cloud infrastructure providers like AWS and Microsoft Azure since 2018 and 2019, respectively. [more]
Things to note when migrating to PQC: NTT DATA, a global digital business and IT services provider, has published a white paper summarising points to remember when migrating existing cryptographic technologies used in various information infrastructures to Post-Quantum Cryptography (PQC). [more] [more-whitepaper]
The whitepaper pointed out the following seven points to note:
Data size may increase
Processing speed may be slow
Increase crypto-agility
Consider re-encrypting if encrypted data is stored in the system
If using TLS hardware, is there enough time for procurement?
Continuous collection of information published by NIST, SOG-IS, etc.
Understand the PQC functions provided by the cloud service provider
AI poses risk to financial stability: The Bank of England (BOE) warned that AI will pose a risk to financial stability. Artificial intelligence risks amplifying financial stability risks and undermining trust in banks, a Bank of England analysis concluded as global leaders and businesses prepare for a crucial summit on containing the technology. [more]
Improving the security of open source software in OT/ICS environments: CISA, the Federal Bureau of Investigation, the National Security Agency, and the U.S. Department of the Treasury released guidance on improving the security of open source software (OSS) in operational technology (OT) and industrial control systems (ICS). [more]
The guidance provided recommendations to OT/ICS organizations on:
Supporting OSS development and maintenance,
Managing and patching vulnerabilities in OT/ICS environments, and
Using the Cross-Sector Cybersecurity Performance Goals (CPGs) as a common framework for adopting key cybersecurity best practices in relation to OSS.
NSA also released a repository (elitewolf) of OT intrusion detection signatures and analytics to secure OT environments. [more][more-repository-elitewolf]
Web3 Cryptospace Spotlight
FTX’s crypto heist: A WIRED investigation reveals FTX’s “very crazy night” trying to stop a $1 billion crypto heist on the same chaotic day FTX declared bankruptcy. [more]
Lax security practices and the opaque nature of how business was conducted at crypto exchange FTX could have resulted in billions of dollars in losses when the platform was hacked last year.
Separately, research firm Elliptic said some of the stolen funds appear to be linked to Russian cybercriminal groups, citing on-chain analysis. [more]
Galxe’s DNS compromised: 6 Oct - Web3 platform Galxe suffered a security breach and lost at least $150K in digital tokens. The incident left numerous users grappling with inaccessible funds and wallets, and Galxe’s website was taken offline. In response to the breach, the platform issued advisories urging users to disconnect their wallets and refrain from confirming any transactions. The breach has been attributed to a DNS account compromise involving the platform's domain nameservers hosted on Dynadot, a domain marketplace. [more][more-2]
The incident raised concerns about Galxe's security infrastructure and prompted cryptocurrency experts to question whether the platform had taken adequate precautions to protect its users from potential threats. [more]
Platypus exploited again after just 9 months: 12 Oct - Platypus, an Avalanche-native StableSwap DeFi protocol, suspended its pools due to a flash loan exploit, resulting in losses of over $2 million. PeckShield was the first to report the attack, while CertiK's investigation revealed that two attackers took approximately $1.3 million in wrapped AVAX (WAVAX) and $913,000 in liquid staked AVAX (sAVAX). Platypus is conducting an investigation to determine the details of the incident. [more]
South Korean crypto exchange faced increased attacks: 9 Oct - South Korean cryptocurrency exchange Upbit has been targeted by hackers on more than 159,000 occasions in the first half of 2023, according to its operating firm. The figures were reported to South Korean Representative Park Seong-jung of the People Power Party, according to an Oct. 9 report by the South Korea-based Yonhap News Agency. [more]
The report shows a 117% increase from the first half of 2022 and an 1,800% increase from the first half of 2020.
Upbit is one of South Korea’s largest cryptocurrency exchanges, with a 24-hour trading volume of around $1.2 billion, according to CoinGecko. Other major exchanges include Bithumb, Coinone and Gopax.
Hacker returned loot: HTX, previously known as Huobi, was hacked in Sep, with the attackers stealing $8 million worth of ETH. Subsequently, HTX indicated that it had identified the attacker and asked for the stolen funds back, offering a 5% bonus as an incentive. Remarkably, the attacker returned most of the stolen ETH, keeping only 1 ETH. This is a rare event in the cryptocurrency exchange world, underscoring HTX's successful identification and recovery efforts. [more]