Financial Services: Crypto Asset Protection

As a custodian of cryptocurrency, this financial organisation had to balance the need for rapid access to digital assets with the requirement to repel cyberattacks from those intent on compromising their systems.

Business Challenge

Securing Keys from Attack

As a custodian of digital assets for corporate investors, this organisation is well aware of the threat of cyberattacks against cryptocurrency wallets and the keys they contain.

While a “cold” wallet, one that is disconnected from the Internet, offers maximum protection from attack, the delays it introduces in a fast-paced industry like crypto can be unacceptable. Equally a “hot wallet”, one that is connected to allow rapid transaction verification, represents a prime target for cyber criminals. For an organisation looking to cement their reputation as a secure custodian of investor’s digital assets, the challenge was clear. How to achieve the best of both worlds.

“Our challenge was to deliver the security of cold wallet, with the functionality and speed of a hot wallet.”

Solution

Threat Removal for Crypto Security

The organisation is deploying Threat Removal for Crypto Security. Inbound connections from the crypto application are intercepted and terminated by Deep Secure Threat Removal on an edge server on the untrusted network. Each request is represented in a Deep Secure internal format and checked against a schema.

If the request is successful the data is verified in FPGA hardware logic using Deep Secure’s High Speed Verifier (HSV). This ensures the data coming from the ‘untrusted’ network is not harmful and only contains the expected data in the correct format. The FPGA provides an independent check on the data and can be trusted because it cannot be modified by an attacker.

The ‘simple format’ is then rebuilt on a Threat Removal server on the secure enclave network, before being transferred to the application for transaction validation. The entire process ensures that no malware – known or unknown – can cross the boundary between untrusted and trusted networks.

“The goal is for the process to take milliseconds and be entirely transparent to the application, which believes it has communicated directly with the server in the secure enclave.”

Results

Repelling Attack

The organisation is able to offer Investors a service that delivers fast access to digital assets and repels cyberattacks from those intent on compromising its systems by accessing the crypto wallets and keys.

“With Threat Removal for Crypto Security, we can offer all the productivity benefits of a ‘hot’ wallet with the security benefits of a ‘cold’ one.”

Back