2022 was a challenging year for the crypto market. Aside from the industry’s already-known and accepted volatility and unpredictability, Sam Bankman-Fried added a new level of uncertainty this year with the FTX scandal, thanks to fraud, mismanagement, and lack of oversight. But that’s not all. In 2022, significant security breaches rocked the lucrative crypto industry and highlighted its vulnerability. In this article, explore crypto security issues and measures you can take to boost your organization’s cryptocurrency security.
Some of the challenges in 2022 facing crypto security:
Due to a lack of stable infrastructure to support proper blockchain crypto security verification when transferring assets from one independent exchange to another, these bridges are vulnerable to hackers. In October 2022, the Binance (BNB) blockchain was breached, with hackers making off with more than $100 million worth of tokens from the world’s largest cryptocurrency exchange.
Digital wallets are only as safe as their passwords protecting them. In August 2022, Slope, an SOL wallet provider, experienced a server breach where a bug in the code allowed for passwords to be stored on a server, resulting in hackers gaining access to the passwords of more than 9,000 wallets and stealing more than $4 million in crypto.
The crypto industry relies on trusted partners and vendors in their day-to-day operations. With so many entities involved in a company’s supply chain, hackers have learned to go after the chain’s weakest link to gain access to their targeted network. Gartner predicts that by 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains.
Exchange Hacks:
In December 2021, the AscendEX cryptocurrency exchange experienced a hot wallet breach of more than $77 million, of which $60 million was made up of Ethereum tokens. Starting in February 2022, the hackers began moving the crypto to the decentralized exchange Uniswap in an effort to legitimize the currency, as Uniswap doesn’t have a know-your-customer (KYC) mechanism. KYC is a multi-step identification process designed to prevent fraudulent account creation and money laundering. In the same month, cryptocurrency exchange BitMart was hacked, with the cryptocurrency security breach resulting in $196 million in losses. The FTC investigation into the BitMart breach is underway.
Following the FTX fraud and the host of security challenges, many crypto exchanges and smart contract creators seek to reassure customers of their solvency and ability to cover customer withdrawals. However, engaging a reputable accounting firm has become harder than ever for the crypto industry. In December 2022, accounting firm Mazars Group suspended its work with crypto clients “due to concerns regarding the way these reports are understood by the public.” Similarly, accounting firm Armanino announced that it is ending its crypto audit practice altogether. It seems the immense risk crypto laws pose to the auditing firms themselves is not worth the easily-won lucrative client contracts.
While crypto falls under the Anti-Money Laundering Act of 2020, which subjects digital currencies to reporting requirements, Congress has largely designated the task of addressing issues created by digital assets to regulatory agencies. For example, the Financial Industry Regulatory Authority (FINRA), a self-regulatory organization that regulates member brokerage firms and exchange markets, has announced that it will begin conducting a targeted examination of broker-dealer practices related to communications about crypto products and services. In addition, global and national financial regulators are putting more pressure on the crypto industry to implement KYC measures to limit anonymous crypto transactions.
The government has begun stepping up as well. Currently, in the US, cryptocurrency laws and regulations vary state-by-state, but countries are starting to tighten these regulations. For example, in December 2020, FINCEN proposed new crypto regulations that impose data collection requirements on cryptocurrency exchanges and wallets, including the submission of suspicious activity reports (SAR) for transactions over $10,000 and the requirement for wallet owners to identify themselves when sending more than $3,000 in a single transaction. In addition, the Biden Administration’s Working Group on Financial Markets released a series of recommendations for new crypto security laws.
Securing an organization is top of mind for any company, but for organizations operating in the crypto industry, the following crypto security tips are the keys to the kingdom:
In 2022, the cryptocurrency market navigated a tumultuous period marked by the FTX scandal, unveiling the industry’s susceptibility to fraud and mismanagement. However, the challenges extended beyond isolated incidents, revealing vulnerabilities within the crypto security framework. Attacks on blockchain bridges, stolen password details, supply chain breaches and exchange hacks underscored the urgent need for enhanced crypto security measures.
In response, the crypto industry must take strategic steps to improve its security. Adhering to regulatory cryptocurrency security standards like the CCSS is paramount. Following crypto security best practices such as engaging reputable accounting firms helps to establish transparency and trust. Organizations must also define clear lines of responsibility to ensure cryptocurrency Compliance. For more guidance on how to foster a more secure cryptocurrency market, reach out to anecdotes, pioneers in the Compliance world. If you’re not convinced how the anecdotes Compliance OS can help your Compliance leaders bolster their crypto security standards, download our data sheet to learn how we can empower your GRC teams today.