The crypto industry experienced its fair share of cyberattacks and security breaches in 2020. Hackers stole millions from bitcoin firms such as KuCoin exchange while several DeFi (decentralized finance) platforms endured cybersecurity breaches. Cybersecurity and crypto industry experts predict that 2021 will see a rise in cyber-attacks targeting DeFi platforms, individual users, and smart contracts. Meanwhile, the increased institutional investment in cybersecurity will improve security standards and measures on most exchanges.
DeFi Is the New Target
Experts predict that attacks on crypto exchanges will remain stable or decline, especially among the established exchanges. Meanwhile, attacks on DeFi platforms and protocols are bound to escalate, with most hackers targeting new platforms. Losses resulting from cryptocurrency hacks, thefts, and fraud reduced to $1.8 billion in the first 10 months of 2020 compared to 2019.
But the DeFi sector experienced a rise in the number of attacks. DeFi hacks comprised 21% of the theft and hack volume for 2020. DeFi accounted for almost 50% of all the hacks and thefts that happened in the second half of 2020, valued at $47.7 million or 14% of the hack volume.
Experts attribute the high volume of attacks targeting DeFi platforms to the hype surrounding the sector, which is similar to the ICO craze of 2017. The problem is that many DeFi founders are launching their platforms too quickly without first performing the necessary smart contract security audits.
DeFi problems will only worsen in 2021 because decentralized finance is a major innovation that will grow significantly in the future. DeFi is experiencing the problems of growing too fast in an environment with only a few qualified smart contract authors and auditors, leading to quality assurance problems.
Another issue that is going to affect DeFi platforms is the growth in attacks targeting smart contracts, which most DeFi platforms use in their operations. Developing smart contracts is similar to making hardware and it will take time for the software industry to adapt to the new methodology.
Start-ups that are in haste to capitalize on the DeFi boom are the most vulnerable. It is impossible for companies with small teams to write secure smart contracts or create robust decentralized exchanges. People will continue investing in these systems even though they have not undergone sufficient security scrutiny and peer review.
In contrast, the number of attacks on exchanges will continue to decline as firms compete to attract institutional and retail clients. Market pressure and increased regulatory requirements will reduce the vulnerability of exchanges. Governments around the world will push for regulations that are similar to those of traditional payment institutions.
Cyberattacks Will Target Users
The value of cryptoassets has grown in recent years, enabling exchanges and players to invest in security. High prices will attract malicious actors towards cryptocurrencies, exchanges, and holders, but increased regulation and institutionalization has improved crypto cybersecurity substantially.
The consequence of the two developments is that cyberattacks will increasingly target holders and individual users. The main security challenge will be developing systems that are secure enough to prevent users from exposing their assets. Most of the attacks will be made through social engineering and tricking users to install vulnerable software. Experts note that phishing scams will be the greatest security challenge.
There is also the risk of investment scams targeting the DeFi sector. The scammers will take advantage of crypto users’ fear of missing out (Fomo) and the allure of quick riches to entice them to join fraudulent investment platforms.
The problems will be complicated by regulatory uncertainties related to DeFi, which has the potential to increase the risk of hacks by reducing accountability. There are many regulatory issues pertaining to DeFi protocols, such as if they should be treated like centralized finance (CeFi). Regulators need to resolve problems revolving around accountability for negligence, lack of compliance, hacks, and money laundering.
Increased Demand for Cybersecurity
The growing threat of cyberattacks will only increase the demand for cybersecurity services, with recent data predicting investments in the sector to reach $250 billion by 2023. Other drivers include strict requirements for data protection and the elevated threat of cyberterrorism, which is forecasted to cause damages of nearly $6 trillion in 2021.
The increased regulatory requirement for data protection and confidentiality has attracted investors and entrepreneurs keen to develop next-generation solutions such as AI-based data management solutions, blockchain, and advanced cryptography. For instance, emerging social media startups are leveraging blockchain-enabled communication networks to provide clients with decentralized solutions and new authentication layers.
The increased risk of cyberattacks will force firms to invest in proper employee training. The new generation of cybersecurity jobs will require employees to understand phishing schemes, social engineering, AI and machine learning, ransomware, and malware. Investing in staff-oriented security systems will increase security while reducing losses.
The crypto industry will continue experiencing cyberattacks and security breaches in 2021. Most of the attacks will target the rapidly growing DeFi sector, which is still grappling with flawed systems and inadequate human capital. At the same time, the increased value of crypto assets will drive malicious actors to target users through social engineering techniques. Meanwhile, increased regulation will force firms to invest in cybersecurity and drive growth and innovation in the sector.