February 22, 2024

Why crypto exchange Kraken’s security team lives in the shadows

Kraken’s chief security officer wants his 400-member team to stay away from social media as he believes their presence on platforms like Twitter and LinkedIn can create security risks for the crypto exchange.

Nick Percoco has allowed only a handful of people from his team to publicly confirm their roles and has instructed the rest to work from the shadows as hackers go after social media profiles of crypto employees.

“We set a policy in Kraken about five years ago that if you don’t need social media as part of your job, avoid social media platforms. Today in our security team, less than 5% of people are publicly known and that’s part of our security design,” Percoco told Financial News.

READ Crypto exchange Kraken hires new UK head to lead expansion

Security has remained a major concern for crypto firms around the world. From Mt. Gox’s 850,000 bitcoin hack in 2014 to the $125m hack of Multichain in 2023, crypto owners have lost billions of dollars worth of assets to cybercrime in the last decade.

Hacking of decentralised finance platforms jumped in 2021 and 2022 when digital asset owners lost $2.5bn and $3.1bn respectively. While the figure dropped to $1.1bn in 2023, hacking attempts from North Korea-linked groups have been on the rise, according to a January report from blockchain intelligence firm Chainalysis.

Percoco, who joined Kraken in 2018, said that the social media presence of people who look after a crypto firm’s security exposes the company to possible hacks.

“We know it does. We have seen it,” Percoco said.

“When I joined, Kraken was expanding and people from traditional finance backgrounds started joining the firm. When they changed their social media profiles with new job titles on platforms like Twitter and LinkedIn, hackers started targeting them. We had to introduce a strict social media policy, especially for people working on the security side,” he added.

READ Kraken UK head Blair Halliday: ‘Regulation doesn’t make your life easier’

Percoco said that Kraken’s security team is still doing three-to-four takedowns of malicious websites on a daily basis, including phishing sites, social media impersonators, and domains targeting the firm’s employees.

Despite the constant hacking and phishing attempts, Kraken’s security chief is optimistic about the future of security across the crypto ecosystem.

“Security in the crypto ecosystem is far better than what it was about five years ago, [and] it will get better in the future,” he said.

To contact the author of this story with feedback or news, email Bilal Jafar

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *