November 21, 2024
Security audits ‘not enough’ as losses reach .5B in 2023, security professional says

As companies continue to suffer hacking attacks and exploits, professionals in the cybersecurity field are working hard to figure out how to improve cryptographic security for digital asset companies and the broader crypto industry.

Cryptocurrency hacks, vulnerabilities, and scams have caused nearly $1 billion in losses before September 2023. However, in the fourth quarter of 2023, more events continued to rock the crypto world, such as the Poloniex breach, which resulted in the loss of over $100 million in digital assets, and the HECO Chain bridge hack, which resulted in over $80 million in losses.

With the number of security incidents occurring in the space and the loss of value caused by each hack or exploit, it is undeniable that there are gaps that need to be filled in the security of digital assets within the crypto space. Therefore, Cointelegraph reached out to cybersecurity professionals to find out what they think can be done to prevent further incidents and strengthen cryptocurrency security.

Ongoing incidents ‘inexcusable’

Ronghui Gu, co-founder of blockchain security company CertiK, told Cointelegraph in a statement that the ongoing incidents resulting from SIM swap and multi-signature failures are “inexcusable” after the incident exposed this security issue. Companies should adopt crypto-native multi-factor authentication and conduct regular security audits, Gu said. He said:

“We’re building powerful, highly complex technology, and even though there’s often a big incentive to build and break things quickly, it’s important to keep security as a top consideration.”

Forta Network resident researcher Christian Seifert agreed that security needs to be a top priority. Seifert, a former security chief at Microsoft, said users need to demand security, and if that doesn’t happen, regulators need to step in. In this way, encryption plans will adopt a more comprehensive security strategy, the security professional said.

In addition, Seifert also believes that although security audits are effective, they are “not enough.” “We need a comprehensive security strategy that starts with security design and goes all the way to monitoring and threat prevention solutions,” he added.

Jerry Peng, a research analyst at Web3 analytics firm 0xScope, told Cointelegraph in a statement that there is a need to better understand where and how security threats may arise. This allows companies and individuals to detect patterns and connections displayed by addresses involved in previous attacks. “This is where encrypted data analysis services can help investigators prevent the next potential hacker attack,” Peng explained.

related: Cybersecurity team claims up to $2.1B of cryptocurrency stored in old wallets is at risk

How hackers are hindering cryptocurrency adoption

Gu told Cointelegraph that hacking attacks in 2023 alone have caused $1.5 billion in losses to the sector as of November 28, according to data compiled by CertiK. The executive believes that these events that continue to plague the space have also had a huge impact on cryptocurrency adoption. Gu added: “These hacks and vulnerabilities undermine public trust in the security and stability of digital assets, thereby severely impacting cryptocurrency adoption.”

Seifert expressed a similar sentiment. The security researcher noted that while those early adopters of the technology acknowledge the risks, the practice will no longer be embraced by the broader user base that the crypto space is trying to attract. Seifert explained:

“Imagine losing all your savings because your bank branch was broken into overnight. You wouldn’t save money there.”

Peng also believes that hackers stifle potential market growth. Peng said these may “scare away” people who were previously willing to explore the Web3 space.

Magazine: HTX was hacked again, losing $30 million, 100,000 Koreans tested CBDC, Binance 2.0: Asia Express