Hackers have stolen around $570 million in tokens from Binance, the world’s largest crypto exchange, sending the digital assets industry into a tailspin. This is the third such attack in 2022 – amounts of $650 million and $100 million were swiped from Ronin and Horizon, respectively.
According to Chainalysis’ Mid-year Crypto Crime Update, hackers syphoned around $1.9 billion worth of crypto in the first half of 2022. In the same period last year, $1.2 billion worth of tokens was stolen. As the industry continues to develop, and preventative measures improve, attacks are expected to reduce but there are no guarantees.
It’s no surprise the financial industry is being targeted: after all, that’s where the money is. Cyber security specialist, SonicWall, reported that while malware attacks increased 11% in the first half of 2022, they doubled at banks and financial institutions.
Nicolai Tangen, Chief Executive of Norges Bank Investment Management, told the Financial Times that the giant sovereign wealth fund faces 100,000 cyber-attacks every year, and suggested they could pose a systemic financial risk. Since the pandemic, demand for online financial services sky-rocketed. As the industry accelerated its virtual offering, its vulnerability to cyber-attacks increased.
Effective cyber defence depends on active partnerships between private sector, governments and security agencies. One hard-earned lesson is that networks are only as strong as the weakest link in the chain, so each organisation needs to be playing its part in shoring up cybersecurity measures – but how?
More investment needs to be directed to developing, and enforcing more secure encryption technologies. Specialist auditing firms should be engaged to scrutinise clients’ cyber security practices and ways of storing data, and regulators should be sitting up and paying attention to the results. While the financial sector is at risk of having millions stole, there are more serious risks to be considered: a cyberattack on an aircraft manufacturer or nuclear power plant operator could easily endanger lives, communities or entire nations.
Investors should be switched on and asking questions of companies in which they invest to understand the measures being taken to secure their operations. Shareholders should also insist company boards include directors with real-world cyber expertise.
We live in a time where cyber-attacks will remain a clear, present and persistent danger, and even the most advanced measures can only minimise the risk. Precautions can, as the Norges Bank Investment Management has proven, prevent attacks from turning into a systemic danger.