Crypto Space Needs To Self-Regulate To Reduce Hacker Threat
https://ift.tt/t8JnhNl
Since 2016, an estimated $3.1 billion has been lost (excluding Africrypt and Bitconnect scams) to malicious actors attacking exchanges, DeFi protocols and marketplaces according to DeFiYield’s REKT database – with decentralized exchanges and DeFi protocols being the primary target.
According to the analytics firm Crystal Blockchain, the number of hacks targeting the crypto industry has nearly doubled since 2020 as seen in the graph below. Therefore, increased security measures are required to keep exchanges safe at the time of worldwide crypto adoption.
The record-breaking hack of the PolyNetwork decentralized exchange (DEX) cost the project $600 million in October 2021 because of mismanagement of access rights between two important Poly smart contracts. The biggest damage has been caused to projects falling victim to the exploitation of errors in code, access controls or flash loan attacks.
In part, this phenomenon is also due to the increasing number of projects jumping into the crypto sector without taking the necessary precautions. Exchanges and related services are usually caught off-guard by exploits in their code caused by a lack of regulation and oversight.
Since the field is still at its early stage of development, many investors are exploring it for the first time, possibly unaware of the myriad security risks the new tech poses.
What can exchanges do?
With problems like these, exchanges need to be proactive in the development of best practices. Regular code audits to ensure the security of exchanges and other security initiatives are becoming increasingly important.
Since these problems are so prevalent, a number of standards have been set for exchanges to follow. For example, SOC2 and ISO 27001 are among the primary standards, ensuring exchanges meet globally established security requirements.
According to the metrics of CER – a cybersecurity ranking and certification platform – exchanges that want a high security score need to adhere to the ISO 27001 and SOC2 standards, which “enable organizations of any kind to manage the security of assets such as financial information, intellectual property, employee details or information entrusted by third parties,” as well as a few additional criteria.
Expert developers in the field have also found a niche by providing fully tailored security services, like PeckShield, that secure any crypto project. On the user side, scoring systems like CER assist users by making them aware of the safety of the platform they’re using.
Exchanges need to ensure that both they and their customers can transact safely, which is why during the last year, various institutions have come to help solve this problem by auditing the code and providing safety certifications.
Top secure exchanges according to CER
Exchanges are ranked by CER according to their cybersecurity score (CSS), which is based on over 18 indicators. To date, the platform has evaluated the security of over 300 exchanges in an attempt to provide an expert view of the state of cybersecurity in the crypto exchanges industry. The company’s data are used by CoinGecko as part of its trust metric and by Chainlink, one of the leading oracle providers in the crypto space.
Distribution of exchanges by security rating (according to CER.live).
For an exchange to get a AAA rating, it needs a high CyberSecurityScore (CSS) in each of the following criteria – server security, user security, penetration test, bug bounty, ISO 27001 and funds insurance. At the moment there are only six exchanges that have achieved the highest triple-A rating by meeting all security requirements according to CER methodology.
As the crypto industry matures, exchanges should focus on securing participants and their funds. More standards and bodies that ensure some sort of compliance with security and safety requirements could lead to a quasi-form of regulation across the board if no official regulatory system is put in place.
With the influx of crypto traders, it’s becoming increasingly important for exchanges to have their security measures set up to protect the billions flowing between them.
According to Crystal Blockchain, in 2021 (excluding December) the volume of Bitcoin directly transferred between exchanges was estimated at $279 billion – a 312% increase from the year before. Now, that’s only Bitcoin – for January 2022, Binance, one of the top crypto exchanges by volume, had a total trading volume of $510.3 billion as a testament to the growth in the industry.
Reports from Binance have shown that there are now 300 million crypto users worldwide as compared to 100 million in the previous year. With most of these individuals having to use some form of exchange or platform to buy crypto, it’s obvious that these highways of exchange have a responsibility to implement proactive security measures.
Smaller exchanges need to also keep their standards high, as even the one-hundredth largest exchange by volume processes an estimated $25 million per day, making them an easy target if they don’t keep security up to scratch.
Zlata Parasochka is a tech writer and crypto believer. She also has her own blog on the HackerNoon website.