When Bitcoin reached an all-time-high in December 2017, blockchain technology, including cryptocurrencies, hit a tipping point. At that time, a tremendous number of new people entered the market, and more people are discovering crypto every day. Because of this rapid growth, regulators have become concerned over the legitimacy of the technology and its possible use for criminal activities. While the use of digital currencies for actual crimes is debatable, it is true that millions of dollars in digital assets have been stolen by hackers.
The most recent major cyberattack was on Bancor, a startup that enables users to convert one type of cryptocurrency to another, without the need for a counterparty to facilitate the trade due to the system’s built-in liquidity. According to ZDNet, $13.5 million in digital assets were stolen. While no system is 100% secure, there are steps that the company could have taken to reduce the likelihood of this attack resulting in a major loss of customer funds.
Regulators would seek to create laws, expensive licensing requirements and penalties to enforce their idea of consumer protection on the industry. Unfortunately, such regulations typically result in a barrier to entry for new businesses to participate in an industry, and don’t always result in the preservation of value for the customers that a cybertheft event would actually affect. There is another choice.
On July 12, gubernatorial candidate for New York State, Larry Sharpe gave the keynote speech at the Blockchain World Conference. In his speech, he suggested that standards are much better than regulations, by enabling an industry to self-police without stifling innovation. With a set of agreed industry standards, various digital currency exchanges and other blockchain companies may voluntarily become validated for taking measures to protect their customers’ assets. In this way, companies and developers may align with one another to identify potential security risks, and how to prevent losses.
Cryptocurrency exchanges can protect assets under management in a number of ways. First, a standard may be created to either insure the funds under management, or to utilize a digital custody service. An insurance provider would have their own set of standards that must be followed by the exchanges they cover. As they potentially have a lot to lose in the event of a cyberattack, it follows that insurance companies would be rigorous in their security requirements. Among other things, these requirements may include systems to block the top known hacking techniques. These would include the use of encryption on a website, multifactor logins that require captchas, text messages or biometrics. Exchanges would also need to prevent denial of service (DDoS/DoS) attacks.
If a company does not wish to utilize an insurance provider, then they may instead keep their funds in cold storage, either in a wallet that they control, or with a custody service.
Digital exchanges may further protect themselves by enforcing requirements for their customers. This may include mandatory education, such as a series of videos, which customers must watch to learn about security vulnerabilities on their own computers. Exchanges may also offer free tools to their customers, such as malware protection against keyloggers, anti-virus software and hardware keys that work similarly to hardware wallets in order to gain entry to a trading system.
Blockchain developers may follow a set of standards as well. While blockchains are by definition cryptographic, and require a degree of consensus in processing transactions, there are numerous ways to trick the system. In addition to current threats, quantum computing is on the horizon, and quantum-resistant blockchains will be necessary in the near future. All of this information may be consolidated under a blockchain and cryptocurrency set of standards. With such a system in place, investors can rest easy that their wealth is protected, and technology companies may continue to operate hassle-free.