Dressing down for work and NDAs before office parties are just some of the ways crypto exchange Kraken protects itself from ransomware, reports Bloomberg.
Payward (which operates the San Francisco-based crypto exchange) built its culture of vigilance to keep employees from becoming easy targets for hackers.
- New Kraken employees reportedly spend two days in a cybersecurity class.
- They receive a 70-item security checklist that suggests alarms and security cameras at home.
- Staff can’t disclose office locations to their families.
According to Bloomberg, Payward’s Japan chief Takeshi Chino even had his six-year-old son sign an NDA before attending a company event.
At the time, Payward’s security staff had already vetted Chino by scouring public and government records — and the dark web.
Once part of the team, Kraken employees are banned from identifying themselves as such.
According to Kraken, anonymising workers helps protect against targeted attacks like spearphishing and ransomware.
Kraken has long urged crypto fans to take operational security (op-sec) seriously.
A blog from 2019 encouraged Kraken customers to be coy about crypto’s success to avoid targeted attacks.
“We know from our intelligence activities using honeypot profiles that groups actively lurk in social media and chat rooms compiling profiles on the individuals and then target them with an attack,” said Kraken at the time.
Travelex ransomware tale a warning for Kraken
According to the cybersecurity firm Clearsky, hackers use social engineering to ensnare individuals rather than attempting to hack entire organizations.
By gathering information on employees, hackers can direct phishing efforts to dupe staff into installing malware.
Ransomware attackers use malware to encrypt essential and sensitive data. They then demand payment for a special decryption tool.
Typically, those crews accept Bitcoin and Monero because they’re relatively hard to trace and claw back.
One prominent example is Travelex, which fell victim to ransomware in December 2019.
The fiat exchange was totally crippled by the ordeal, with hackers requesting $6 million in Bitcoin to delete the stolen data and provide a decryption key.
Travelex negotiated to pay just 386 BTC, worth $2.6 million at the time but today nearly $14 million. The London-headquartered firm entered administration last August as a result of the attack.
More recently, Colonial Pipeline coughed up $5 million (around 75 BTC) to hacking group DarkSide, who successfully shut off 45% of the US East Coast’s fuel supply.
The FBI, however, recovered 63.7 BTC ($2.3 million) of Colonial Pipeline’s ransom to Russian-linked DarkSide.