Why Crypto Platforms Must Match the Security of Fiat
Cryptocurrency has evolved into an innovative form of alternative finance that’s prized for its decentralized nature, giving people more control over their wealth. However, compared to fiat, crypto carries a much higher risk due to its susceptibility to hackers. The industry has been hit with repeated, multi-million dollar hacks of exchanges, and thousands of individuals have fallen victim to scammers who steal their private keys in order to empty out their digital wallets.
The crypto industry has tried to protect itself as best it can, implementing some novel security methods and bug bounty programs that encourage people to find vulnerabilities in smart contracts that can lead to hacks, but these efforts are not enough, as the hacks still persist.
The problem with crypto is that it’s based entirely on software. Of course, software is code written by human programmers, who are naturally susceptible to making mistakes. As such, errors often creep into that software, giving hackers an opportunity to take advantage.
Crypto exchange platforms are one of the favorite targets for hackers because they hold fantastically large amounts of money. One of the most seismic crypto hacks of all time compromised Mt. Gox, which was formerly the industry’s most important exchange platform. The hackers stole millions of dollars worth of Bitcoin, forcing Mt. Gox to shutter its business, and to this day, thousands of people have never been able to recover their lost funds.
More recently, in December 2021, the crypto trading platform BitMart fell victim to a hack that saw attackers make off with almost $200 million worth of crypto. The hacker was somehow able to steal the private keys needed to access two of BitMart’s hot wallets, which remain connected to the internet at all times. Armed with those keys, the attacker was able to transfer large amounts of crypto directly to wallets they controlled, before making off with their ill-gotten loot. Once again, the lost funds were never recovered.
The majority of crypto exchange hacks occur because their wallets are required to be online at all times, meaning the funds can be transferred in an instant should someone manage to gain control of them.
How Traditional Finance Prevents Fraud and Hacks
These kinds of hacks are much more difficult to get away with in the world of fiat money. That’s because traditional banks are subject to heavy regulation and governed by warning systems that will immediately flag any suspicious activity.
For instance, banks and other financial institutions in the U.S. are required to file suspicious activity reports to the U.S. Treasury. Known as SARs, they’re designed to alert authorities to potential instances of money laundering, financing of terrorists, sanctions violations and so on.
U.S. banks are also subject to currency transaction reports, or CTRs, where they flag any transaction amount over $10,000. These are widely known about, but what most don’t realize is that SARs can help banks to identify when people are trying to avoid triggering a CTR. For instance, the former New York Governor Eliot Spitzer knew about CTRs, and so when he tried to send cash to a prostitution ring he was involved in, he was always careful never to send any transaction that exceeded $10,000. However, because he made a series of transfers to the same account in a short period of time, his activity was flagged in a SAR instead.
These kinds of systems have helped to prevent millions of dollars being stolen. In one famous case that dates back to 2016, the North Korea-linked Lazarus Group came close to pulling off a $1 billion hack on the Bangladesh Bank. The hackers managed to gain control of the bank’s computer systems and attempted to transfer $1 billion via 35 transactions to different banks all over the world. However, most of the transactions were prevented when the Federal Reserve’s internal systems flagged them as suspicious.
Banks use similar alert systems to monitor individual users’ accounts to try to prevent fraud. They employ AI algorithms that aim to detect unusual transactions or spending behavior, and can automatically prevent funds being withdrawn in suspicious cases. Anyone who’s ever traveled abroad and failed to inform their bank about it may well have experienced this, when their bank detects a series of withdrawals from another country and immediately puts a block on their ATM card.
Crypto Needs An Alert System
What the crypto industry needs to prevent hacks is more fiat-style regulations and warning systems, experts say. In a 2021 interview with the BBC, AllianceBlock founder Dr. Amber Ghaddar said the proliferation of hacking incidents in the crypto world is due to its reliance on vulnerable systems. Most of the software that underpins crypto is open-source, which is helpful because it means the community can work together to make improvements. But on the flip side, it also means that code is exposed to malicious actors who will attempt to find vulnerabilities within it.
As well as more auditing and testing, Dr. Ghaddar said there needs to be more regulation in crypto. “We need to have various standards that need to be monitored in order to protect market integrity if we really want cryptocurrency to reach mass adoption,” she said.
The good news is that governments worldwide appear to be getting serious about regulating crypto, and that has led to a number of platforms working to improve their security in order to remain compliant. For instance, the European crypto exchange and wallet provider Lama has long been working to integrate crypto with fiat in an effort to bridge the divide between the two financial systems, and make it easier for people to spend their crypto in the real world. It does this primarily through its Visa debit card, which is linked to users’ crypto wallets.
Because Lama bridges crypto with fiat, its platform is fully compliant with the PCI DSS standard, which means it meets the highest standards of security compliance. Just as with fiat, if a user’s crypto debit card is flagged for suspicious transactions, the card can be blocked to prevent any more funds being lost.
What the crypto industry needs now is more proactive security systems of this kind. Exchanges, wallets and DeFi platforms alike need to put systems in place that monitor transactions in order to detect anomalous activity, such as sudden spikes in usage, unusually large transfers and so on. In most cases, the first sign of an attack is indeed an unusually large transaction, or multiple smaller transactions going to the same address over a short period of time. By being able to detect this kind of activity, and flag it, the crypto industry can prevent or at least minimize such incidents.
Such systems may also help to prevent hacks in the first place. If hackers know they’re going to be spotted immediately, this can serve as a deterrent. To be sure, there is no simple solution to improving crypto security, but if the industry can employ more of the early warning systems used in traditional finance, based on proactive monitoring of networks, it will become a much safer place than it is today.
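The two warning signs named above, an unusually large transfer and several smaller transfers to the same address in a short period, can be expressed as a simple streaming rule. The sketch below is an added example, not code from the article or from any platform it mentions; the function and field names, the one-hour window and the reuse of the $10,000 CTR figure as a threshold are all assumptions, and the sample transfers are constructed.

```python
from collections import defaultdict, deque
from dataclasses import dataclass

@dataclass(frozen=True)
class Transfer:
    ts: int      # seconds since an arbitrary start
    dest: str    # destination address
    amount: int  # USD-equivalent value

THRESHOLD = 10_000  # assumed: borrowed from the CTR figure in the article
WINDOW = 3600       # assumed: "short period" taken as one hour

def monitor(transfers, threshold=THRESHOLD, window=WINDOW):
    """Return (ts, dest, rule) alerts for outgoing transfers."""
    recent = defaultdict(deque)  # per-destination sub-threshold transfers
    alerts = []
    for t in sorted(transfers, key=lambda x: x.ts):
        if t.amount > threshold:
            # Rule 1: a single transfer over the threshold.
            alerts.append((t.ts, t.dest, "large_transfer"))
            continue
        q = recent[t.dest]
        q.append(t)
        # Drop transfers that have aged out of the sliding window.
        while q[0].ts < t.ts - window:
            q.popleft()
        # Rule 2: two or more small transfers to one address that
        # together exceed the threshold inside the window.
        if len(q) >= 2 and sum(x.amount for x in q) > threshold:
            alerts.append((t.ts, t.dest, "split_transfers"))
    return alerts

# Constructed sample data, not taken from any real incident.
SAMPLE = [
    Transfer(0, "addrA", 25_000),   # one large transfer
    Transfer(100, "addrB", 4_000),  # three small transfers in 20 minutes
    Transfer(700, "addrB", 3_500),
    Transfer(1300, "addrB", 3_000),
    Transfer(2000, "addrC", 900),   # small, a day apart: no alert
    Transfer(90_000, "addrC", 950),
    Transfer(5000, "addrD", 6_000), # sums over threshold, but outside window
    Transfer(9000, "addrD", 6_000),
]

if __name__ == "__main__":
    for alert in monitor(SAMPLE):
        print(alert)
```

In practice an alert would feed a hold-and-review step before the transfer is signed, which is the point at which a block can still prevent the loss.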
***
DISCLAIMER
The views, the opinions and the positions expressed in this article are those of the author alone and do not necessarily represent those of https://www.cryptowisser.com/ or any company or individual affiliated with https://www.cryptowisser.com/. We do not guarantee the accuracy, completeness or validity of any statements made within this article. We accept no liability for any errors, omissions or representations. The copyright of this content belongs to the author. Any liability with regards to infringement of intellectual property rights also remains with them.