state of bitcoin security - inside bitcoins april 2014 - bojan simic

State of Bitcoin Security

Bojan Simic@bojansimic @[email protected]

Bitcoin Security Project

When it comes to security….


Remember the 5th of November


Enigma Machine in WW2


00000000


Need a Debit Card?


Internet Security

Target – 70,000,000 credit

card records

Adobe – 38,000,000 CC

numbers & user accounts

American Business Hack – 160,000,000 credit card

numbers and bank accounts

SONY PSN – 77,000,000 User

Accounts

US Military – 76,000,000 SSNs of

Veterans

Top 4 hacks of 2013 resulted in 575 MILLION compromised accounts!


Bitcoin (In)security

Bitcoin Savings & Trust


Why?


Hackers are getting smarter, there’s more of them, and there are more targets every day

91% of surveyed companies had a security incident in the last 12 months.


So what can you do about it?


The average security breach costs $50,000 – $650,000


Hire or train developers qualified in security

Protecting Sensitive Data

Preventing Injection Attacks

Preventing XSS

Access Control Strategy

Business Function Access Control

Data Layer Access Control

Securing User Sessions

Managing Identities in Apps

Using SSL

Threat Modeling for Apps

18.8%

77.0%

70.0%

30.0%

55.0%

40.0%

51.0%

61.0%

69.0%

24.0%

Developer’s Scores

Companies that train developers in security have 73% less vulnerabilities


Store your bitcoins securely!

Paper Wallet

COLD STORAGE!

Smaller businesses are victims of cyber crimes more often than big firms


Encrypt EVERYTHING!

• Transactions• Passwords• SSNs• Addresses• Images• Credit Cards• DOB• Other PII…

73% of Americans have been victims of a cyber security crime


Take advantage of free resources & tools


Start a security bug bounty!

Fixing a security vulnerability post-release costs 30X more than in dev


?’s(Donations)

• Follow @cryptosecurity • Sign up at bitcoinsecurityproject.org• [email protected]

state of bitcoin security - inside bitcoins april 2014 - bojan simic

Technology