Enforcing Software Security at 21 Analytics

Protecting VASPs' Travel Rule Data by Design

The recent zero-day remote code execution (RCE) vulnerability in Java's omnipresent log4j library is a reminder that garbage-collected, and therefore memory-safe, languages such as JavaScript, Node.js, Python or, in this case, Java are still susceptible to RCE vulnerabilities.

Even Silicon Valley tech giants like Amazon, Apple, Google and Twitter, and enterprise software vendors such as Atlassian, Red Hat and VMware, have been found exploitable via the log4j vulnerability. This is why the vulnerability scored 10 out of 10 in the CVSS rating system, which emphasizes how critical it is. The impact is increased by the fact that an attack can be conducted with a low skill level.

Designing for Enhanced Security

At 21 Analytics, we use the programming language Rust, which is memory-safe without relying on garbage collection. To mitigate potential RCE attacks like the one facilitated by the log4j vulnerability, we statically link all dependencies into our final executables. This enables us to run those executables in an empty container, which isolates the execution environment of a process. If an attacker successfully gains code execution, she finds herself in an empty container containing solely the executable she was able to attack.

There is no user data, shell or other means the attacker can utilize to complete her exploitation chain. This security-in-depth approach virtually eliminates the possibility of a successful complete takeover of vulnerable systems and protects sensitive user data.

To further reduce the attack surface, we use link-time optimization (LTO), which strips unused functionality from statically linked libraries.
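
One way to build the setup described above, shown as an added example and not 21 Analytics' own build configuration. It assumes Docker, the `x86_64-unknown-linux-musl` target as the means of static linking, a pure-Rust dependency tree, and a hypothetical binary name `app`.

```dockerfile
# Added example; not 21 Analytics' build. Assumed: Docker, a pure-Rust
# dependency tree, and a hypothetical crate/binary name "app".

# ---- Stage 1: build a statically linked binary with LTO ----
FROM rust:1 AS build
# The musl target links libc statically, so the result needs no dynamic
# loader and no shared libraries at run time.
RUN rustup target add x86_64-unknown-linux-musl
WORKDIR /src
COPY . .
# Cargo reads release-profile overrides from the environment.
# LTO across all crates lets the linker drop library code that the
# executable never reaches.
ENV CARGO_PROFILE_RELEASE_LTO=fat \
    CARGO_PROFILE_RELEASE_CODEGEN_UNITS=1
RUN cargo build --release --locked --target x86_64-unknown-linux-musl
# Fail the build if the binary still requests any shared library, for
# example because a -sys crate pulled in a dynamically linked C dependency.
RUN ! readelf -d target/x86_64-unknown-linux-musl/release/app | grep -q NEEDED

# ---- Stage 2: the empty container ----
# "scratch" contains no shell, package manager, libc or coreutils.
FROM scratch
COPY --from=build /src/target/x86_64-unknown-linux-musl/release/app /app
# scratch has no /etc/passwd, so the unprivileged user must be numeric.
USER 65534:65534
# Exec form is required: shell form would need /bin/sh, which does not exist.
ENTRYPOINT ["/app"]
```

An image built this way also lacks CA certificates and timezone data, so a binary that relies on the system trust store needs those files copied in explicitly.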

21 Analytics customers are VASPs that protect their users' private data and take security seriously. Contact us to join the ecosystem of secure and privacy-guarding VASP networks.

Written by:
Filip Gospodinov
CTO