Crypto Aware has released figures showing that 1.7bn worth of cryptocurrency has been lost through hacks or fraud since 2011. Over a quarter of this – $670 million – was lost in the first three months of 2018.
Leigh-Anne Galloway, Cyber Security Resilience Lead at ICO security company Positive.com, has made the following comments: “These figures expose two things – first, the truly devastating scale of cyber attacks on the cryptocurrency market with losses now well into the billions of dollars; and that the rate of crime and fraud is rapidly increasing. The dramatic rise of the cryptocurrency market in 2017 has made a lot of serious investors and institutions sit up and take notice, with more money coming into the market than ever before. But, sure enough, cyber criminals have sniffed the blood in the water as well.
“Every player in cryptocurrency, from the largest exchanges to the most humble ICOs should take these findings as a giant warning sign to look internally at their own security. ICOs, in particular, should not consider themselves an unlikely target. The reality is that, the second a company goes public with an intention to do an ICO, it is waving a huge flag to cyber criminals that it is both valuable and also in a very vulnerable phase of its company growth.
“There are still some very basic practices that most ICOs could do to improve their security posture. Firstly, it is absolutely vital that the underlying code of the smart contract is purged of any vulnerabilities through development – once this goes live it cannot be changed. Secondly, organisations must ensure that the web applications their ICO use are being monitored and protected in real time – all the security of the blockchain means nothing if a hacker can misdirect funds from the web page.
“Finally, there is the human factor. This is the hardest thing to secure, but ICOs have a responsibility to do everything within their power to stop investors being tricked by phishing attacks. This means educating investors on the risks and warning signs and communicate as effectively as possible on official channels, to avoid investors being duped.”