Are the Worst Cryptocurrency Security Breaches Behind Us?

By Tim Fries, Co-Founder, The Tokenist

You would be right in assuming that blockchain itself was never hacked, but that doesn’t mean people don’t like to give up security features for the sake of convenience. Crypto exchanges are especially notorious for mass hacks that besmirch the entire cryptocurrency ecosystem.

Moreover, no matter what kind of crypto wallet you have, due to the decentralized nature of cryptocurrencies, it’s akin to having a bank account in your pocket. In the end, we may as well rely upon the insured deposits of web-based wallets – crypto exchanges – more than anything else.

People Demand Digital Money

It may surprise you to learn that the concept of internet money did not start with the first cryptocurrency in the form of Bitcoin (BTC). In fact, the most ancient and pervasive form of money – gold – was the first basis for digital currency in 1996. Called e-gold, it was effectively a stablecoin before there was such a thing. Anyone with an e-gold account was able to transfer money equivalent in value to grams of gold to other e-gold accounts. Unfortunately, it grew too much in popularity before the government shut it down in 2008.

E-gold may have ultimately failed as a digital currency, which is what people called it at the time, but it demonstrated a high demand for money that is not externally tempered with and controlled by governments. Just one year later, Bitcoin emerged on the scene as a digital currency entirely confined to the digital realm and outside government control. As Bitcoin gained more traction and value, the legacy media became fever-pitched in tying Bitcoin to the criminal underground.

Fortunately, all their efforts failed along with their trustworthiness. On the other hand, the most current data on Bitcoin adoption rate provided by The Tokenist, tells a story of increased trust in Bitcoin over traditional institutions, by 29%. The upward shift in Bitcoin trust and familiarity is primarily led by male millennials, while people older than 65 are least likely to own and use Bitcoin.

The latter part is important to note because older people represent a demographic that views money as something that is strictly:

  1. Physical
  2. Government-controlled

Regardless of age, we can safely say that these two money attributes are more or less present in the minds of all demographic groups. Therefore, they represent substantial psychological barriers to overcome for further cryptocurrency adoption. Thankfully, the government’s reaction to the coronavirus greatly eroded the embedded notion that money, as physical and government-controlled, is inherently superior to digital money.

When the Federal Reserve decided to summon trillions of dollars on multiple occasions to save the market from totally crashing, no one with a straight face could say ever again that government money is derived from real wealth. On the other hand, Bitcoin draws from a predetermined, finite pool of coins, with each Bitcoin ever-growing in value.

However, there is another aspect to digital money that makes people instinctively distrust it – cybersecurity. In particular, the prevailing sentiment that anything digital is hackable.

Shortcuts Lead to Cryptocurrency Vulnerability

Although fiat money can be counterfeited, it’s almost unheard of with the modern protections applied in the money printing presses. This is not the case with Bitcoin and other cryptocurrencies. There are many cases of mass Bitcoin thefts/hacks from crypto exchanges, such as Japan’s Mt. Gox, Bitcoin7, Bitomat, Linode, BTC-e, Bitcoinica, Bitfloor, Vicurex, and Hong Kong’s Bitfinex as the largest case of hacking with 120,000 BTC stolen.

Moreover, an alternative marketplace powered by cryptocurrencies, Silk Road, greatly harmed the public image of new digital money. Operating in the underbelly of the internet, the Tor network, Silk Road facilitated many hacker attacks, money laundering, and blackmail operations. Criminal activity in this sector not only harms the directly-affected crypto-holders, but it suppresses further adoption of blockchain-powered digital money.

In the best of times, outside of stablecoins, cryptocurrencies suffer from volatility compared to fiat money. Big crypto exchange hacks cause the price of Bitcoin to plummet, which then drags down all lesser cryptocurrencies with it. Inevitably, this further increases cryptocurrency volatility and decreases its usage as money.

With all this in mind, it bears emphasizing that blockchain still remains effectively unhackable. People lost money from crypto exchange hacks because users gave their private keys to these companies. By doing that, a user forgoes a vital security feature of cryptocurrencies – private and public keys – and places all the trust into crypto exchanges for the sake of convenience.

Unhackable Blockchain is Only the Beginning of Cybersecurity

Let’s face it. If digital currencies operated under any other system other than blockchain, only hardcore enthusiasts and first-time adopters would flirt with that kind of digital money. As it stands, blockchain, as a distributed ledger across nodes, can withstand any malicious attempts at record alteration. This is why numerous governmental and corporate organizations, from military to healthcare and art galleries, have started to view blockchain as a low-cost, high-end implementation of cybersecurity.

As we have seen with the latest hacking of Twitter accounts, the human factor is the weakest link in the cybersecurity chain. In this instance, they befriended the Twitter employee on Discord and then convinced the employee with some extra incentives to share the administrator account.

Likewise, Bitcoin thefts and breaches occur outside the impervious blockchain:

  • Opting to give crypto-exchanges your private key instead of using private wallets – hard, mobile, or desktop. Then, you must rely on the company in charge of the crypto exchange to have trustworthy employees and security measures.
  • Opting to have a private wallet with both private and public keys, but not securing it enough. Usually, by leaving passwords and word phrases in other unprotected locations and files.
  • Falling for scams by email, imposter websites, and apps (or Twitter…)
  • Acquiring malware by visiting scam websites and opening files in your email from untrustworthy sources. Then, this malware gains access to your web-based wallet and is extremely difficult to remove. Some malware programs even scan your clipboard and text files to replace your cryptocurrency address with the address of the scammer. Other malware installs a miner to use your computer as a free mining resource.

More skillful scammers have developed a roundabout way of taking your money, mainly by exploiting human nature.

  • As Bitcoin entered the mainstream news cycle and soared in value, people were starting to feel left out of the game. Trying to catch up with lesser, cheaper altcoins, they fell into the embrace of ICO scammers. In 2017, fake Initial Coin Offering (ICOs) was a huge problem, with at least 80% of ICOs uncovered as scams.
  • Pumping and dumping. Relying on the same sentiment as with ICO scams, pump and dump scammers have adopted a strategy of picking an altcoin low in market cap, buying it in bulk to spike its price, then selling it after other people bought it for an even higher price.
  • Closely related to the aforementioned Twitter hacking, you will also find celebrity impersonation scams. All of those hacked accounts of famous people were used as cryptocurrency giveaway scams. Usually, they promise to send you more than what you sent them, as a part of some kind of charity drive.

As you can see, you can have fool-proof security in the form of blockchain and still be duped if you lack knowledge and discipline to resist baits.

User-Education Must Come First

Blockchain may be the revolutionary bulwark against hard hacks we were all waiting for, but soft hacks will continue to plague cryptocurrency users. Even outside of hacks and scams, cryptocurrency, with Bitcoin leading the charge, has become the perfect means of laundering money. Moreover, money-laundering goes hand-in-hand with blackmail and ransom.

Such is the flexibility of digital technology that cybercriminals don’t even have to hack anything at all. They can simply threaten to hack or insinuate to have some dirt on someone by using vague language, and the victim would then just have to send a certain cryptocurrency sum to their address. No physical contact, and no risk.

At least, some careless cybercriminals would assume so.

Only initially could you claim that Bitcoin is anonymous money. In 2011, that all changed with the first release of the block explorer. Because blockchain keeps an immutable ledger of all transactions, it only takes such a tool to track down every transaction. However, even this can be countered by creating multiple wallets and addresses with privacy-focused browsers such as Tor. Some cryptocurrencies, like Monero (XMR), are designed with untraceability as the core feature.

Takeaway

We can say that digital technology was inevitable. We can even say that blockchain was inevitable. We are lucky to live in the timeline where we have both. However, what we cannot say is that unbreachable cybersecurity is inevitable. No matter what kind of cybersecurity system we design, it will have to cater to the lowest common denominator – human markets.

About the Author

Tim Fries AuthorTim Fries is co-founder of Protective Technologies Capital, an investment firm focused on helping owners of industrial technology businesses manage succession planning and ownership transitions. He is also co-founder of the financial education site The Tokenist. Previously, Tim was a member of the Global Industrial Solutions investment team at Baird Capital, a Chicago-based lower-middle market private equity firm.

Leave a Reply

Your email address will not be published. Required fields are marked *