Web security and high availability for blockchain-based businesses and financial institutions from Incapsula
Blockchain and cryptocurrency news was all the rage last year and it looks like that trend will continue to rise in 2018. Blockchain technology is on its way to being adopted in many aspects of our lives as merchants have started accepting cryptocurrencies for gambling and games, as well as for IoT inter-transactions, documents registration, and for securing digital elections. Startups with new ideas are being launched on a daily basis to fill the demand. There is also more adoption of cyber application innovations in Fintech companies and financial institutions.
The financial tech industry is stepping up and evolving quickly including adopting blockchain-based technologies. Many startups are inventing new types of off-banking loans, including money transfers with no third parties such as banks, credit cards issuers, SWIFT and PayPal. Japanese banks, for example, have already adopted cross border money transfers with Ripple, while American Express uses Stellar network for similar applications.
Eleven blockchain-based companies are listed in The Forbes Fintech top 50 this year and include Vanguard, BitFury Group, Coinbase, Ripple, Shapeshift, Veem and others.
Why blockchain?
Blockchain technologies such as Ethereum are designed to eliminate the need to have a third party (lawyers, banks and other services) involved in contracts and make trustless transactions verified automatically. The foundation of blockchain technology is that it is built in a way that deters denial of service attacks and other service abuses such as spam on a network. It does this by requiring an additional layer of work from the service requester, which usually means processing time by a computer.
As financial institutions are high value targets for hackers, the implementation and development of innovative solutions are crucial. As the credibility of the cryptocurrency field grows, it has a direct correlation to Fintech and enhances it by combining top cyber solutions with innovative Fintech applications. While blockchain technology is resistant to DDoS and other service abuses by its distributed nature, the companies that utilize these technologies still have weak spots that can be exploited.
We already pointed out these weak spots in cryptocurrency exchanges, crypto wallets and ICOs. These vulnerabilities are always in areas that are centralized and not based on distributed ledgers.
Web-based open platforms
Even companies with core business on blockchain require web servers. These servers are not necessarily used for websites that are accessed via browsers. They can be used for business transactions, client-server APIs, mobile apps APIs and other applications.
Startups in such rapidly-emerging and competitive industries are often required to move quickly to demonstrate the uniqueness of their service or product. Technical teams in emerging companies are busy concentrating on implementing the business idea and simply cannot concentrate on security of the service or product.
For example, none of the crypto wallet providers or any other services that accept blockchain-based transactions are checking if a transaction is coming via the Tor network despite several reports of fund thefts when a crypto wallet is accessed through the Tor network. Blockchain transactions are not secure while connected via the Tor network as shown by the following hacks reported on bitcointalk.org as well as on other resources.
One example is startup Veritaseum that became a victim of a hack and lost funds just a week after the CoinDash site was defaced and led investors to send funds to the hacker’s wallet. As mentioned on CoinDesk portal, unlike in the CoinDash case, all stolen coins came from the company itself.
Cryptocurrency startup Tether is another example of a company that lost almost $31M due to “malicious actions by an external attacker,” the company said in a post.
Challenges for global businesses
In our global, highly-connected era many businesses, especially those that based on blockchain, depend on cross border markets.
The Imperva WAF service can offer an integrated solution for financial services or products by helping protect not only the service from being attacked through weak spots, but also improve availability for highly-distributed services. It will not only secure the service, but also free up many resources and reduce development timelines. This lets developers and technical teams concentrate on doing what they do best-implementing their innovative idea and building a stable product.
Financial services like OmiseGo and TenX, which enables payment services across jurisdictions and across both fiat money and decentralized currencies definitely require fast and secure access to their applications. This can (and should) be achieved by implementing a CDN service in front of the application. If adjustments in the service are necessary for different countries, this can also be accommodated by the CDN service.
In some situations, it is necessary to differentiate between client application types and geographies, as well as other parameters. This requires implementing different behavior based on this type of information and the distribution of load between servers based on geography. All this can be done by a CDN with WAF with no need to change code on the application side.
While there are lots of services providing CDN, load balancing as well as security services for web applications, integrating them into one system and maintaining them is not an easy task.
Imperva Incapsula combines all of them into single service that does not require deep technical knowledge for integrating and maintaining and lets Fintech startups concentrate on their innovative ideas with minimal interruption for maintaining performance and security related services. Find out more about how our service protects financial institutions from DDoS attacks and helps them achieve HA.