Where will online criminal hackers look next? Cryptocurrency. There are already hacks going on, but this will ramp up significantly as some of the more highly competent criminals are targeting cryptocurrency exchanges.
According to Coingecko’s quarterly report, in the first half of 2019, over 83 million dollars’ worth of cryptocurrency was stolen from many exchanges.
The sheer number of new exchanges is growing at a tremendous rate. Coingecko added over 300 to its tracking in just the last 18 months. It is no surprise that many of the newer sites simply don’t have the resources to properly defend themselves. It makes sense they would be easy targets, but small exchanges don’t have as many users or assets to victimize.
Attackers Shift Tactics
What is really interesting is that bigger exchanges, like Binance, are being targeted. Binance has the resources to front a set of good defenses and has proactively planned for such attacks by creating a separate recovery fund to compensate for customers of losses. The fact that cyber criminals are taking the time and exerting the necessary effort to target such a well defended exchange is telling. They are going after high profile targets with the intention of a big score.
This strategy changes the normal equation for defenders. No longer does simply following the best practices deter attackers to look for easier targets. They are pinpointing a specific high-value victim then looking for the easiest path to compromise. The mindset is different. Such attacks can be relentless until they find a way in. There is constant pressure for security to remain a step ahead. The challenges for protection are more complex and the rewards for the attackers are much higher.
The Binance attack yielded $40 million for the criminals. That is a huge payday and will motivate future attacks, regardless of the defense posture. Such attacks can be crippling and will put serious pressure on these organizations. Some will not be able to weather the potential impacts. In January, Cryptopia suffered a hack and lost an estimated $16 million which catapulted it into liquidation and eventually bankruptcy.
Looking forward, I expect to see many more cryptocurrency exchanges being hacked in 2019 and 2020. The stakes will be higher and we may even see repeat attacks on the same exchanges. The lure of a huge payout will motivate the most skilled cyber criminals to hack exchanges and manipulate Decentralized Applications (DApps).
Criminals are honing their skills and tools. In the Binance attack, even 2-factor (2FA) customer authentication was undermined, which is normally a very strong control. The exchanges will need time to understand the risks, embrace the needed additional protections, implement solutions, and tune them to be more effective.
Moreover, an entire new way of thinking will be needed to manage the risks. Most only look to prevent attacks, but as Binance did, they also planned for a quick recovery when an attack eventually happened.
Advanced strategic planning is needed to be able to improve the prediction, prevention, detection, and response capabilities that will reduce the overall risk and impacts. With a steep learning curve ahead, I suspect it won’t be until mid 2021 that we see a downturn in attacks due to better cybersecurity.