The world is likely to see more and more attacks on crypto assets; businesses are at risk as much as private wallets. Cryptocurrency is increasingly attracting scammers, because there are more and more opportunities for its legal use – Starbucks and KFC are now accepting bitcoins, which makes it easier for cyber criminals to use stolen goods. Faster development of crypto security systems could be a solution, but there are still too few of them.
Watch out for attack
The number of crypto crimes has been growing for a few years: even the number of reports has been increasing by an average of 312% annually since 2016, according to CB Insights. This includes hacker attacks on private crypto accounts as well as fraudulent investments in digital assets.
In August 2021, hackers stole over $600 million worth of tokens from the Poly Network platform; this case remains the largest crime in the industry so far. True, the funds have been retrieved eventually, but the attack clearly demonstrated how much crypto platform vulnerabilities can cost.
In December 2021, criminals stole $150 million from the BitMart exchange, with weak security being one of the factors.
However, attacks on crypto wallets are no longer the only method of theft that scammers use. Ransom demands in cryptocurrencies after ransomware attacks are becoming increasingly frequent. Until recently, attackers preferred ransoms in fiat money, but the situation is changing now.
“Because crypto transactions do not involve intermediaries such as banks, or carry personal information, hackers can extort millions of dollars while remaining anonymous,” CB Insights notes.
More attacks will follow
The number of attacks on crypto assets will increase as cryptocurrencies become more widespread, Alexander Vetkol, lead system engineer at Varonis Systems, agrees.
Among other things, the relatively low qualification of their regular users and owners remains an additional risk. As for any specialized software products, the case is still up – there are no dedicated systems to protect the cryptocurrency industry yet.
This can provoke high volatility in the crypto market, which is a far more serious consequence than loss of assets by exchanges or individuals.
“With some proper training, attackers could exploit any vulnerability in the use of blockchain, the execution of contracts or other operations. This can lead to the collapse of one or more cryptocurrencies by increasing the capitalization of others. This will negatively affect the industry as a whole,” the expert warns.
According to his estimates, attacks on exchanges are the most obvious possibility. A mandatory delay of the withdrawal of funds could be an option because the perpetrators would be less likely to benefit from the attack. However, this would not completely eliminate the risk of illegal access to individuals’ wallets and accounts on crypto exchanges if they do not take the security of their assets seriously enough.
“Security issues remain highly relevant for owners of crypto wallets. Even advanced users make mistakes with the outgoing transactions while the wallet does not perform any analysis of user actions,” notes Arseny Reutov, Head of Application Security Research at Positive Technologies.
Operating systems on your computer are protected by antivirus apps, the expert explains; however, there are no popular solutions for crypto that would even warn the user that they are doing something wrong.
“Blockchain transactions cannot be reversed; any mistake can be critical,” Arseny Reutov says.
Investors’ increased interest in the crypto security market is an expected result of the uptick in crypto attacks. In 2021, relevant startups already attracted $28 bln, which is 136% more than in 2020. Crypto exchanges that want to protect themselves and their clients also invest in such solutions.
Thus, in September 2021, the Coinbase crypto exchange took part in the $23-mio round of investment for the Forta security platform. It also announced plans to purchase the Unbound cyber security startup.
Companies that provide traditional financial services are also game as they use cryptocurrency more actively. For instance, in 2021, Mastercard bought CipherTrace that develops cryptocurrency AML compliance solutions; PayPal acquired Curv, a developer of infrastructure solutions to protect digital assets.
Investors also should direct attention to smart contract audit.
“The smart contract audit market keeps growing, and demand for quality audit surpasses supply. A small list of accounting companies whose clients did not lose money after a smart contract was breached has been formed,” Reutov says.
The market of monitoring blockchain transactions has also been developing. Such services are mostly designed for developers who can promptly respond to suspicious transactions due to security alerts.
By Olga Blinova