22.07.2024
Cybersecurity and defence against attacks

According to the CertiK analytics platform, in April 2024 cryptocurrency projects lost about $25.7 million to hacking and other fraudulent activities, the lowest monthly amount in the past three years.

At the same time, according to the Immunefi report, the amount of theft at the end of the first quarter of this year reached $336.3 million in 61 incidents. The largest hack was the Orbit Bridge cross-chain exploit, when hackers withdrew more than $80 million worth of assets in various cryptocurrencies. 

It’s worth noting that compared to the same period last year, the number of incidents decreased by 17.6% and the amount of damage caused decreased by 23%. And interestingly, about 22% of the thefts were recovered because they were carried out by white-hat hackers. Also, according to the TRM Labs report, the main damage was caused by the theft of private keys and seed phrase matching. 

Specialists note that the trend of decreasing losses of the crypto industry from the actions of hackers and fraudsters was already observed last year: the losses of the sector related to cybercrime halved compared to 2022. 

“White hackers (ethical hackers, white hats) are cybersecurity specialists who professionally conduct activities to identify vulnerabilities in IT systems. Based on the results of their tests, developers take a number of measures to strengthen the security of products.”

Improvements in cybersecurity are attributed to the following factors:

  • Improved approaches and use of new models for anomaly detection, including real-time monitoring of transactions involving digital assets;
  • Increased efforts by regulators and law enforcement to combat cybercrime and money laundering in cryptocurrencies;
  • Improving the sharing of information on threats, vulnerabilities, ways to protect against cyber fraudsters, and incident management among professional market participants.

    Types of fraud

    Analysts at SlowMist, a blockchain cybersecurity company, have outlined the main reasons why investors (both institutional and individual) lose digital assets:

  • Leak or harvesting of seed phrases and private keys (almost a third of cases);
  • Installation of fake wallets, decentralized applications, use of false addresses (also nearly a third);
  • Phishing with transaction signing (about 20% of cases);
  • Phishing in messengers, chat applications, platform hacking, smart contract vulnerabilities, transaction errors, pyramid schemes, etc. (to a lesser extent, cumulatively about 20% of cases).

    Let’s take a closer look at some of them.

    Exploiting vulnerabilities in code

    Usually, software testers accept fewer than 1 bug per 1000 lines of code as a security standard. However, there is no guarantee that these few remaining bugs will not be exploited by malicious users. This is especially true when third-party software (operating systems, social networks, messengers, payment gateways, etc.) is used at the same time. The overall security risk then increases significantly.

    An illustrative case was the hack of the crypto exchange Mt. Gox in 2014, which it did not survive. This exchange handled about 50% of bitcoin transactions at the time and collapsed because it neglected a minimum rule of cybersecurity: regular code testing for vulnerabilities. The hackers had discovered a vulnerability that allowed them to make changes to trading data before it was confirmed on the blockchain. As a result, $473 million in assets were withdrawn from the platform.

    Phishing 

    This is a type of online fraud that relies on the use of social engineering techniques, where the victim voluntarily performs actions that are induced by fraudsters pursuing their own selfish goals. The attackers use deceptive maneuvers to motivate the user to give them personal information or money. 

    The most common model of phishing is to send messages or emails with links that look like reliable links to websites of well-known companies, but actually lead to fake resources that copy the original in detail. Sometimes changing just one letter or symbol in a domain name is enough to fool a user. 

    SMS authentication hijacking

    SMS hijacking allows false authentication or access recovery. Various methods are used: wiretapping, cloning SIM cards, using fake base stations, phishing the operator. SMS intercepted in this way are used to log into accounts, change email passwords and successfully pass two-factor authentication. 

    51% attack

    This type of attack applies to blockchains that use the Proof-of-Work consensus algorithm. The goal is to gain control of more than 50% of the hash rate. By holding a “controlling stake” in the network’s total processing power, attackers can alter the transaction history, duplicate assets, or prevent new transactions from taking place. As a result, the blockchain loses its decentralized nature and falls into the hands of a single criminal actor or organized group.

    The higher the hash rate of the network, the lower the risk of a 51% attack, because mining large networks requires huge computing resources. This is the main reason why bitcoin is considered the most secure blockchain in existence today.  

    Rug Pull

    Rug pull is a common type of financial fraud in which the project team suddenly “disappears” with investors’ money. This scheme is implemented on decentralized exchanges and is generally inherent to the DeFi ecosystem. Placing tokens on DEX does not always require an audit, and attackers are eager to take advantage of this. Such incidents thrive in hype projects that create a buzz. In such cases, fraudsters don’t even need to bother with detailed technical documentation and a roadmap, and the process of issuing tokens on Ethereum or Solana doesn’t require highly skilled developers.

    It is enough for attackers to advertise the project, promise exorbitant returns (“Xs”) and encourage the victim to make an impulsive financial investment.

    Then, after placing the token and creating a liquidity pool, they withdraw funds from it and disappear in an unknown direction. 

    One of the high-profile cases of rug pulling was the AnubisDAO incident in 2021. A few hours before the end of the token sale, the developers withdrew all the liquidity from the pool, costing investors $60 million. And it was a solid project at first glance. The team presented it as a fork of OlympusDAO.

    Or the SQUID incident (a coin based on the “Squid Game” Netflix series), which lost 99.9% of its value after fraudsters withdrew the money they had received from investors. The attackers then made almost $3.5 million.

    Modern cybersecurity technologies and methods to prevent attacks

    Blockchain technology is constantly developing and spreading, affecting more and more spheres of human life, and its market capitalization shows a multi-year trend of increasing value.

    At the same time, blockchain, like any other innovative technology, has its own unique set of vulnerabilities, risks, and potential security threats. And for an industry with an increasingly important place in the global economy, getting a handle on cyber threats and taking preventative measures to protect network security is becoming a top priority.

    While the number of hacks, DoS and DDoS attacks, and cyber-attacks in general has decreased over the past two years, the security of blockchain data and the ecosystem as a whole still requires tremendous attention.

    It should also be noted that the downward trend may have been due to bearish market sentiment, and now in the upswing phase caused by the launch of spot ETFs and the halving of bitcoin, the situation may not change for the better. As prices rise and crypto projects become more active, we may see fraud schemes become more sophisticated and losses from blockchain information security incidents increase.

    And the biggest threats, according to cybersecurity experts, are the following:

  • Increased threat of smart contract attacks. The more new smart contracts, the more vulnerabilities and the higher the risk of cyber threats. By the way, Ethereum was the most attacked blockchain at the end of last year, accounting for more than 50% of hacks and scams. The second place was occupied by BNB chain with 22%. 
  • Experts believe that the next major risk is the emergence of increasingly sophisticated phishing (social engineering) scenarios. Recently, we have all witnessed the activation of fraudsters, especially in the Telegram network. This year, the popular messenger has become almost the main platform for cybercriminals and fraudsters to operate with impunity.

    These and other underlying blockchain threats continue to require constant attention and comprehensive solutions.

    Key Blockchain Protection Practices

    1. Constant monitoring, testing, and analysis of code and smart contracts is a priority for developers and users. These measures allow vulnerabilities to be identified and addressed before they become known to attackers.
    2. Regularly pass independent security audits. For example, Tether, the issuer of the USDT stablecoin, announced this spring that it had successfully passed a System and Organization Controls 2 (SOC 2) audit. This audit assesses the level of control over cybersecurity risks, privacy, and data confidentiality. The company announced plans for a mandatory annual independent security audit.
    3. Increased security awareness among network participants. Users should be informed about precautions to protect private keys, detect phishing, and other privacy practices to protect financial assets. This includes conducting training programs and webinars, publishing transparent security policy documentation, and showing contextual notifications in applications to help users conduct secure financial transactions.
    4. Protecting network infrastructure. Implementing the latest network security, encryption, device authentication, and anomaly detection techniques provides multiple layers of defense against potential threats. 
    5. Open collaboration and information sharing. Active and open security collaboration within the community helps to quickly identify, defend against, and investigate threats, thereby reducing potential damage.
    6. Developing quantum-resistant encryption technology. Developments in this area reduce the growing risk of damage from potential quantum threats.
    7. Developing new privacy and confidentiality solutions. Changes in government regulation of the crypto sector require continued attention to data anonymity solutions to balance privacy with the ability to thwart criminal activity.

    Thank you for your attention. Make only secure financial transactions!

    AnyExchange is a cryptocurrency exchange service that allows you to convert your digital assets into electronic money or cash at the best possible exchange rate. Fast money transfers worldwide are also available on our platform.
