Securing Exscudo accounts and associated infrastructure

In the Exscudo ecosystem, a number of products and services operate with user accounts (e.g., Exscudo Exchange or the Channels app). A user account is the primary connection (in some cases the only connection) a user has to the assets in their possession.

While accessing and managing these accounts, one deals with hardware and software products, web services, Internet connection services, saved passwords, 2FA codes, or backed-up images. This variety of tools and processes builds up an infrastructure for accessing and managing Exscudo accounts, and so shall be considered a system to be protected.

A failure to deliver this protection may result in theft of assets, inability to access them, or a long-term suspension of access to one's funds or of transactions with them.

This article is aimed at providing a framework for a comprehensive understanding of the nature of the threat, key attack scenarios, and effective security measures. The article does not explain every possible vulnerability, security threat or attack scenario; rather, it refers to general security principles. Bad guys are creative, and so should you be.

Nature of the threat

The risks outlined above (loss of assets, inability to access them, or a long-term suspension of transactions) are typically realized as a result of Attacks, which in their turn are based on applicable Security threats resulting from actual Vulnerabilities.

Understanding the interdependencies and correlations between these three provides a clear understanding of what the Countermeasures can be, and of the steps to be taken to keep the accounts secured.

Vulnerability

A weakness which can be exploited to perform unauthorized actions. Such weaknesses may reside in a system's design, implementation, operation, controls, or management, and can be exploited within the framework of corresponding security threats. There are a number of key factors to be considered when identifying and covering the whole variety of vulnerabilities, but the most important ones with regard to protecting Exscudo accounts are:

Human factor

One of the weakest links in any system, including an information security system. The human factor mostly refers to the inherent human tendency to make unintentional security mistakes as a result of negligence, underestimation of risks, or overall security ignorance, resulting in the absence of a basic and consistent security policy. All of this creates a group of specific vulnerabilities related to this factor, which can be exploited by their specific security threats (e.g., the chance of exposing entered credentials when sharing a screen during a Skype call).

Technological factor

Derives from the following features of modern hard- and software solutions:

  • Complexity. Given the great variety of tools and processes used to access and manage one's account, it is quite a job to properly manage, patch, and configure all of them. At any given point in time there is a considerable chance that something is left exposed. The more devices, apps and services there are in use, the more likely it is to have seams with exposed vulnerabilities;
  • Consumerization. Here, the term is used to name the fact that whatever hardware, software, or web services are in use, the vast majority of them are aimed at providing ease of use in the first place, while security always comes second.

Combined together, the above factors and features create numerous vulnerabilities that can be exploited.

Security threats

The next level of the chain, referring to the very possibility of exploiting a vulnerability, or a number of vulnerabilities, as a transition to a logically concluding attack. A threat may or may not be malicious by nature (intentional or accidental).

Attacks

Actions that use vulnerabilities to realize a threat. While there is a countless number of attack scenarios that can be grouped in any suitable way depending on the type of research, there is no need to operate with a matrix of attacks in order to understand which countermeasures to take.

The table below provides a couple of examples of vulnerabilities, the security threats that result from them, and the consequent attacks aimed at either gaining unauthorized access to an Exscudo Exchange account or at terminating such access.

1. Vulnerability: No security process in place: Exscudo Exchange is accessed from various devices.
   Scenario: Using a corporate laptop to access Exscudo Exchange.
   Security threat: Time management / data loss prevention software logging employee activity and transferred data, including entered credentials.
   Attack: An employee with access to the logged data (e.g., a corporate security officer) uses the logged credentials to access the account and withdraw assets.

2. Vulnerability: No PIN / Touch ID code required to access an Android phone.
   Scenario: Device lost / stolen.
   Security threat: Browser history exposing the use of Exscudo Exchange, plus a configured e-mail client that delivers Exscudo service / confirmation messages.
   Attack: An attacker requests a password reset, stealing the account.

3. Vulnerability: Negligence.
   Scenario: An attacker contacts a user on behalf of the Exscudo support team and provides a link to follow.
   Security threat: The link leads to a clone of the Exscudo Exchange web site, which remains unnoticed by the user.
   Attack: The attacker collects the credentials entered when the user attempts to access the account, and then steals the account.

Countermeasures

Address the two extreme points of the Vulnerability - Security threat - Attack chain:

  • Vulnerability, and
  • Attack.

Security threats are derived from vulnerabilities and are utilized in attacks, being a transitional element between the two. The countermeasures, in their turn, are measures aimed at reducing the probability of an attack or the impact of a threat, as well as at minimizing the impact of an attack that has already happened. Therefore, they address vulnerabilities and attacks, while not addressing the security threats themselves.

In terms of countermeasures, there are two actors:

1. Exscudo

An important aspect of understanding the Exscudo ecosystem is its sophisticated security policy to prevent scenarios that may lead to users' accounts and assets being compromised or stolen. While the countermeasures implemented and executed by Exscudo are not the subject of this article and will not be explained further, the following key features of the security policy are to be considered:

  • The security policy is aimed at protecting personal data and assets;
  • Autodetection of untypical behaviors, and automatic suspension of corresponding operations;
  • Security officers to investigate security issues and mitigate threats.

2. Users themselves

The users themselves have to apply security measures to protect the following objects against unauthorized or breached access, as well as against loss or destruction:

  • Exscudo accounts, as well as their associated accounts (e.g., an e-mail, or a Google Authenticator account);
  • Devices used to access Exscudo products and services (e.g., a phone, a laptop);
  • Tools (e.g. a QR code used to generate codes with Google Authenticator app).

Proactive countermeasures

The proactive countermeasures are aimed at building a defense against future attacks in order to prevent the damage, by addressing the vulnerabilities. The tables below summarize key recommendations, grouped by the objects to be protected.

If applicable, it is recommended to complete the Know Your Customer (KYC) procedure at the highest tier available. It helps us identify account owners fast, which is crucial for the safety of funds in many scenarios.

Accounts / identity

1. Countermeasure: Never share passwords with anyone, or reveal them otherwise.
   Vulnerability type: Human (negligence)
   Comment: May be exploited in phishing, pretexting, reverse social engineering, or other social engineering scenarios. Exscudo team members never ask for passwords.

2. Countermeasure: Avoid using the same password for various accounts and systems, no matter how strong you believe it to be.
   Vulnerability type: Human (underestimation of risks)
   Comment: A password can be figured out or hacked, so the more accounts you use the same password for, the higher the risk. It is recommended to use password generators for complexity.

3. Countermeasure: Enable Two-Factor Authentication (2FA) for your account to bolster its security.
   Vulnerability type: Technological (complexity)
   Comment: Make sure to back up the data that allows you to recover the corresponding 2FA account. Disabling 2FA from our end is possible, but the procedure is time consuming, requires a security check and may result in temporary suspension of access to the account 2FA is disabled for, as well as of related transactions.

4. Countermeasure: Limit the amount of personal data and credentials you store on various cloud services, as they may be hacked as well or suffer from a data leak.
   Vulnerability type: Technological (consumerization)
   Comment: The more third-party services you use to store the data, the higher the risk of losing it. Outsourcing your security policy to the sole discretion of a cloud service provider is never a good idea. It is recommended to have extra layers, such as changing passwords on a regular basis.

5. Countermeasure: Never reveal any personal information, or send any images or details of your personal documents or payment methods, without encrypting the data / making sure the communication channel is secure enough.
   Vulnerability type: Human (security ignorance); Technological (consumerization)
   Comment: Exscudo team members always explain the purpose of collecting your sensitive information, and the security measures taken to secure it, in any applicable scenario.

6. Countermeasure: Never follow any suspicious links claiming to be associated with Exscudo that promise any rewards for entering personal information or account details in any form. Also, pay close attention to e-mails claiming to be associated with Exscudo, even ones ending in @exscudo.com, if you have any doubts about their origins*.
   Vulnerability type: Human (underestimation of risks)
   Comment:
     • Be careful while clicking on links; make sure to double-check the domain name;
     • Never enter your personal information and/or account details without reason;
     • Pay close attention to e-mails claiming to be associated with Exscudo, and never open them prior to contacting the customer service if you have any doubts about their origins;
     • As the Exscudo customer service operates on the Atlassian service desk platform, all messages originating from genuine support come from the @exscudo.atlassian.net domain. The weekly newsletter messages, in their turn, arrive from the [email protected] e-mail address;
     • Any messages arriving from different addresses containing @exscudo.com should be considered outside the normal scope of operation and double-checked. If in doubt, contact Exscudo customer service via the Help Center;
     • Never provide any sensitive data in reply to an e-mail claiming to originate from Exscudo customer service, unless you have previously raised a ticket via the Help Center widget or contacted a customer service representative via Discord;
     • Always check the links included in any suspicious e-mail by hovering your mouse cursor over the link and checking the address which appears in the lower left corner of the browser window (in Google Chrome).

7. Countermeasure: Avoid using untrusted VPN and proxy services when accessing secure data such as your Exscudo account. Traffic via a VPN or proxy can be intercepted by malicious parties.
   Vulnerability type: Technological (consumerization)
   Comment: If you have to use a VPN or a proxy, make sure you can trust the service provider and that you have a firewall enabled on your device.

8. Countermeasure: Avoid accessing your Exscudo accounts on unprotected Wi-Fi networks (e.g., free public networks in cafes). If you use Wi-Fi at home, ensure that the network is secured by a password.
   Vulnerability type: Technological (complexity)
   Comment: Unencrypted data can be easily intercepted in public Wi-Fi network infrastructure.

* For example, you may receive a message from an address such as [email protected] which contains a prompt to action, such as following a link to "secure" your account or claim some kind of reward.
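The sender and link checks of recommendation 6, written out as an added Python triage example (this is not Exscudo's own code or tooling): it classifies a From: address against the domains the article names, and flags links whose visible text advertises a different domain than the href actually points to, which is what hovering over a link reveals. The newsletter address is redacted on the page, so it appears as a labelled placeholder, and the sample message is constructed.

```python
import re
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Domains named by the article; the newsletter address is redacted on the page,
# so it is a labelled placeholder here (assumption, not the real address).
SUPPORT_DOMAIN = "exscudo.atlassian.net"
CORPORATE_DOMAIN = "exscudo.com"
NEWSLETTER_ADDRESS = "<newsletter-placeholder>@exscudo.com"
DOMAIN_IN_TEXT = re.compile(r"(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)", re.I)

def classify_sender(from_header):
    """Triage a From: header the way recommendation 6 describes."""
    addr = parseaddr(from_header)[1].lower()
    domain = addr.rpartition("@")[2]
    if domain == SUPPORT_DOMAIN:
        return "genuine-support"     # Atlassian service desk mail
    if addr == NEWSLETTER_ADDRESS.lower():
        return "newsletter"
    if domain == CORPORATE_DOMAIN:
        return "double-check"        # @exscudo.com outside normal operation
    if "exscudo" in domain:
        return "lookalike-domain"    # e.g. exscudo-support.example
    return "unrelated"

class _LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs: what hovering over a link reveals."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def suspicious_links(html):
    """Return (href, reason) for links whose text shows one domain while the
    href goes elsewhere, or whose host is not a known Exscudo domain."""
    collector = _LinkCollector()
    collector.feed(html)
    findings = []
    for href, text in collector.links:
        host = (urlparse(href).hostname or "").lower()
        shown = DOMAIN_IN_TEXT.search(text)
        shown_host = shown.group(1).lower() if shown else None
        if shown_host and shown_host != host:
            findings.append((href, f"text shows {shown_host}, href goes to {host}"))
        elif host not in (SUPPORT_DOMAIN, CORPORATE_DOMAIN):
            findings.append((href, f"host {host} is not a known Exscudo domain"))
    return findings

# Constructed sample message (not a real e-mail) in the style of the footnote.
SAMPLE_FROM = "Exscudo Support <security@exscudo-support.example>"
SAMPLE_HTML = ('<p>Follow <a href="http://exscudo-login.example/claim">https://exscudo.com/secure</a>'
               ' to secure your account, or visit the <a href="https://exscudo.com/">Help Center</a>.</p>')
```

Calling classify_sender(SAMPLE_FROM) and suspicious_links(SAMPLE_HTML) on the constructed sample flags the lookalike sender domain and the link whose visible text and real destination disagree, while the genuine-looking Help Center link passes.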

Devices in use

1. Recommendation: Enable as many security layers to access the devices as possible, including PIN codes, Touch ID, Face ID, etc.
   Vulnerability type: Technological (consumerization)
   Comment: Not having to enter a code or present a fingerprint to access a device is much easier, but it is recommended to make it harder for an attacker. Device loss combined with a lack of protection provides full access to one's accounts.

2. Recommendation: Avoid leaving your device unattended (e.g., in public places).
   Vulnerability type: Human (negligence)
   Comment: Growing risk of device loss.

3. Recommendation: Minimize the number of devices used to access Exscudo products and services.
   Vulnerability type: Technological (complexity)
   Comment: The greater the number of devices in use, the harder it is to maintain security.

4. Recommendation: Avoid using devices located in public places, at work, or in other uncontrolled environments to access Exscudo products and services.
   Vulnerability type: Technological (complexity)
   Comment: Devices not administered by you may have their own backdoors (e.g., a time management system on a corporate workstation).

5. Recommendation: Avoid using suspicious browser extensions and apps downloaded from untrusted sources. They may be gathering information from your system, infecting it, or running various scripts.
   Vulnerability type: Human (underestimation of risks); Technological (consumerization)
   Comment: Two-click installations and making life easier have their downsides, especially when it comes to browser extensions. Be careful when installing browser extensions and various mobile apps for the first time. Make sure you trust the source.

6. Recommendation: Use protection software such as anti-virus / anti-malware and keep it up to date.
   Vulnerability type: Technological (complexity)
   Comment: Updated and properly working protection software can effectively detect the newest viruses, trojans and other malware / spyware.

7. Recommendation: Keep your browser, applications and operating system / mobile firmware updated.
   Vulnerability type: Technological (complexity)
   Comment: Outdated software and firmware is an open door for various malware and spyware that can infect your device.

8. Recommendation: Pay close attention to protection software warnings and notifications regarding websites.
   Vulnerability type: Human (negligence)
   Comment: Ignoring protection software warnings is unacceptable in terms of security.

9. Recommendation: Pay attention to the telltale signs which indicate that your device has been infected.
   Vulnerability type: Human (negligence)
   Comment: If your device starts to perform in an unusual and unstable way, immediately scan it for viruses and malware.

10. Recommendation: Use password managers.
    Vulnerability type: Technological (complexity)
    Comment: Keeps your passwords, PIN codes, and other login information from being compromised by hardware or software keyloggers.

Tools

1. Recommendation: Back up any data that can be used to recover the basic accounts associated with Exscudo accounts, such as QR codes, passwords, etc.
   Vulnerability type: Technological (complexity)
   Comment: E.g., associated e-mail or Google Authenticator accounts, QR codes to back up the Channels app, etc. There are a lot of interdependent tools and services used to access Exscudo account-based assets. Make sure you have minimized the risk of losing access to them, since this may result in an inability to access the tools required to sign in to and manage Exscudo accounts and the assets.

2. Recommendation: Back up your devices.
   Vulnerability type: Technological (complexity)
   Comment: God only knows what happens next: ransomware encrypting your device, a hardware failure, or something else. Make sure you can roll back at any moment to recover data and access.

Reactive countermeasures

Reactive countermeasures are taken in scenarios where an attack has already happened, or where the risk of an attack has grown significantly (e.g., the loss of a device used to access Exscudo products and services), and the damage (in full, or to a certain extent) has already been done. They are aimed at minimizing the damage.

There are three key points to be considered when designing and taking reactive countermeasures:

  • There is no guarantee that the damage already done can be completely mitigated;
  • In most cases, users are unable to properly execute reactive countermeasures on their own;
  • Time is of the essence.

Therefore, securing one's account after an attack often requires timely and active cooperation between the user and the Exscudo team. The table below provides a summary of a number of sample scenarios:

1. Scenario: Exscudo Exchange account stolen.
   Countermeasure:
     • Contact the Exscudo team using the e-mail address associated with the Exscudo Exchange account.
   Drill:
     • Exscudo team validates the identity of the user;
     • Operations for the account get suspended;
     • Access to the account gets suspended;
     • A security officer gets assigned to investigate the incident.
   Comment: An essential part of the recovery process for users is to have a completed KYC procedure.

2. Scenario:
     • Device used to generate 2FA codes lost / stolen, while there is no Google Authenticator account backup;
     • Access to the Google Authenticator account lost with no backup in place.
   Countermeasure:
     • Contact the Exscudo team.
   Drill:
     • Exscudo team validates the identity of the user;
     • Access to the account gets temporarily suspended;
     • 2FA gets disabled.
   Comment: Time is one of the most important factors in this scenario. The more time passes between the loss of the device / account and the contact with the Exscudo team, the more extensive the potential damage may be.

3. Scenario: An unprotected phone (no PIN code, Touch ID or Face ID required to access the device) used to access Exscudo products and services is lost / stolen.
   Countermeasure:
     • Contact the mobile carrier to suspend the SIM card;
     • Change the passwords for associated e-mail addresses / accounts;
     • Contact the Exscudo team.
   Drill:
     • Exscudo team validates the identity of the attacked user;
     • Operations for the account get suspended;
     • Access to the account gets suspended.
   Comment: One of the most dangerous scenarios, as the attacker has access to everything one needs to manage Exscudo accounts: the phone number and the mailbox.

4. Scenario: Control over the device used to access the Exscudo account is lost due to a virus infection / ransomware lock.
   Countermeasure:
     • Ensure that the account is secured by resetting the password and enabling 2FA (if not already enabled);
     • Contact the Exscudo team to secure the account;
     • Perform a virus scan / device health check;
     • Contact a software / hardware specialist to remove the malware.
   Drill:
     • The user may prevent the damage by promptly updating the password for their account and the associated e-mail;
     • If necessary, the Exscudo team will assist in securing and recovering the account;
     • Do not access your account from the device until it has been secured.
   Comment: This scenario allows the user to prevent the actual loss of the account if they act quickly to secure it. It is also imperative to ensure that the account is accessed from a 100% virus-free device.

5. Scenario: The user's credentials are stored on a cloud service which suffers a data leak.
   Countermeasure:
     • Ensure that any account credentials that were stored on the cloud service are changed as soon as possible;
     • Contact the Exscudo team to secure the account if required;
     • Remove any sensitive data from the service until there is notice that its security has been restored.
   Drill:
     • If necessary, the Exscudo team will assist in securing and recovering the account;
     • It is advised to avoid using cloud services to store one's personal data.
   Comment: As with the previous scenarios, the extent to which the damage caused by an attack can be mitigated is fully dependent on the speed with which the user acts. It is also advisable to store sensitive data in offline repositories to ensure its security.