ISO 27001 and BitCoin
BitCoin is a virtual currency, one that is not tied to a central bank or a country but that has seen a massive increase in popularity as people realise its value in an increasingly digital age. As its value and visibility has grown so to has its exposure to hackers, people who want to try and exploit its value. Over its 4 year life time it has come under numerous hacking attacks culminating in a sustained DDoS (Distributed Denial of Service) attack over the past 48 hours. Join us as we look into how surviving a DDoS attack and ISO 27001 make BitCoin a better service.
The DDoS attack was designed to slow down the trade of the currency, this had the effect of driving down the price of acquiring a new BitCoin. The price tumbled from $147 before the latest stage of attacks to just below $120 after the attack. This drop in price was short lived however, the price per BitCoin (BTC) increased to $134 potential netting any party who might have been involved in this attack the potential for serious gain through selling, buying and then selling again any number of BitCoins as other users become nervous about their “virtual” investment choose to sell of their holding.
Plan, Do, Check, Act with ISO 27001
This attack was launched at Mt.Gox (www.mtgox.com) a website where this currency has been traded in larger numbers than any where else in the world. The old adage of what doesn’t kill you makes you stronger springs to mind when surviving a hacking attempt. ISO 27001 works from the “Plan, Do, Check, Act” management system. Planning out involves taking stock of your preparedness to a hacking attempt. The “Do” element involves rolling out or integrating new system infrastructure. Check can be difficult to do but when you undergo a hacking attempt, such as a DDoS attack, you are involved in the best checking there is. Predicting how and where a hacking attempt can come is very difficult, surviving an attempt means you have come through the attack and can learn from this experience.
So far they have come up with a number of measures and improvements to their own infrastructure that would help them to over come future attacks. As a result of their systems and preparedness coming under scrutiny Mt.Gox have come up with several improvements including advise to users and investors to not panic sell. Previous holes in their systems that have been caused by their quick growth have been highlighted and fixes have been instigated. Finally bringing in information security experts who are ISO 27001 certified has helped them restore confidence to their customers.
It is hoped that these improvements, not only in services but in the systems managing those services can help more and more customers to begin to trust in BitCoin in the future.
Increasingly being prepared for a hacking attempt is key to becoming a successful business online. If you want to talk to an expert about your business becoming ISO 27001 Certified, are interested in taking some ISO 27001 System Implementation Training or even are considering a ISO 27001 Gap Audit then you should contact us today.