Crypto Security in 2022: Prepare for More DeFi Hacks, Exchange Outages, and Noob

_____

_____

• “DeFi is still a giant virtual laboratory of experiments where moving fast and breaking things in the world of finance is still the rule.”
• “Too many people don’t value security” or are willing to throw significant amounts of money in untested DeFi platforms.
• “It’s very risky to hold a leveraged position during such [exchange] outages as such positions can be liquidated fast.”
• “One of the biggest areas of security remains that of private key management.”

Security is integral to crypto. This is perhaps unsurprising for something based heavily in cryptography, but with cryptoassets now surpassing a total market capitalization of USD 2trn, security has to be a key issue for every exchange, wallet, platform, user, and investor in the industry.

However, all too often this doesn’t quite appear to be the case, what with the number of decentralized finance (DeFi), crypto exchange hacks, and ransomware exploits we’ve witnessed this year. Sadly, industry players speaking with Cryptonews.com predict that things will get worse before they get better, with DeFi, centralized exchanges, cryptoassetss, and users themselves all facing challenges next year.

At the same time, as the market matures and as new tools appear, the security offered by many platforms might see an improvement by the end of 2022.

Fast-moving DeFi problems

Pretty much every commenter we spoke with says that DeFi security issues will continue to be a trend well into 2022.

“Not to sound too dramatic but DeFi is still a giant virtual laboratory of experiments where moving fast and breaking things in the world of finance is still the rule. The level of complexity of new DeFi services built-in ‘Lego’ mode allows more room for either malicious attacks or human error,” Ouriel Ohayon, Co-founder and CEO of mobile-based crypto wallet ZenGo.

DeFi has numerous internal characteristics and quirks that make it ripe for security problems or vulnerabilities, and these are likely to remain in place in 2022.

“One of the potential problems with decentralized finance, in terms of cyber-attacks, stems from the fact that, by definition, it’s unregulated in the way that traditional financial institutions are.  The fact that there are organizations with little experience or knowledge of dealing with cyber-security issues compounds the problem,” said David Emm, the principal security researcher with Kaspersky’s Global Research and Analysis Team.

Emm explains that such inexperience and underregulation leave scope for cybercriminals to exploit the situation. “For this reason, we will continue to see attacks on the sector,” he added.

Commenters are divided on whether the DeFi security situation will get better or worse next year. For Trezor and SatoshiLabs Brand Ambassador ​​Josef Tětek, DeFi apps will remain prone to bugs and exploits of various kinds.

“This is due to the tendency of DeFi developers to move fast and attract as much capital as possible, both of the invested and value-locked kind. Plus we have witnessed bugs being found even in long-running apps such as Compound — the complex smart contract architecture simply offers too large of an attack surface,” he told Cryptonews.com.

Likewise, CipherBlade’s Paul Sibenik isn’t particularly hopeful that crypto will see an improvement when it comes to DeFi’s security problems.

“We don’t expect it to improve, if anything the contrary. Too many people don’t value security or are willing to throw significant amounts of money in DeFi platforms that don’t have an extensive battle-tested track record particularly with regard to security,” he told Cryptonews.com.

At the other end of the spectrum, some industry figures are hopeful that 2022 will witness a gradual improvement, with DeFi vulnerabilities becoming less of a theme.

“The good news is that more tools to vet the security of those projects but also to help investors protect themselves from their own mistakes are coming to the market,” said Ouriel Ohayon.

Similarly, Chris Harding, the compliance officer at Civic, tells Cryptonews.com that while the growth of DeFi will attract bad actors, it will also provide platforms in the sector with expanded resources for strengthening their systems.

“As [hackers] grow more shrewd with their approaches, so do the DeFi project teams! Teams are learning every day and the community is collaborating on how to better protect against bad actors,” he said.

Harding also suspects that the involvement of regulators may have the positive effect of improving security within DeFi, in the sense of compelling platforms to introduce better protections for users.

“We’ve recently seen the FATF guidelines on [virtual asset service providers] published, so as the US and other countries determine how to implement those guidelines into law, we will see many players start devoting a lot of time and energy to legal and compliance matters,” he added.

Exchanges to continue experience outages and technical issues

More than a few crypto exchanges experienced hacks in 2021, while another common security issue (at least as far as protecting the value of your holdings goes) were the outages and service disruptions that even the biggest platforms — such as Binance and Coinbase — experienced on numerous occasions this year.

“The outages at major exchanges attest to the near-exponential growth in trading volume we’ve seen over the course of 2021, which will only continue to expand in 2022. This rapid growth in transaction volume should be seen as a major point of validation for the crypto industry, though the dramatic transaction spikes present operational challenges for exchanges and other [decentralized applications],” said Matt Cutler, CEO & Co-Founder of blockchain data provider Blocknative.

Industry observers anticipate that exchange outages and hiccups will continue being a trend in 2022, and as with DeFi problems, may only see incremental improvement at best.

“I believe exchanges will keep on suffering outages in the times of strong price rallies, simply because spikes in demand can outpace every expectation. It’s very risky to hold a leveraged position during such outages as such positions can be liquidated fast,” said Josef Tětek.

That said, as the industry continues to grow and mature (and as regulation enters the fray), at least some people think exchange issues will improve gradually over the course of next year.

“Each outage is a necessary step towards a stronger set of processes and infrastructure. We think this cycle is inevitable and even required so that the industry grows towards a more stable state,” said Ouriel Ohayon. (Learn more: Crypto Exchanges Scale, But Outages Likely To Remain A Fact Of Life)

One thing that might improve the problem, at least to some extent, are decentralized exchanges (DEXes), at least according to Futureswap CEO and co-founder Derek Alia.

“DEXes are antifragile against these network outages because you have hundreds of thousands of people incentivized to run the nodes of the network to keep the system up, which is far more resilient than keeping it in one or two large network hubs distributed in a handful of places. This is one reason why you’re seeing crypto applications with almost zero downtime,” he told Cryptonews.com.

Platform teething problems

Related to exchange disruptions are the kinds of outages we saw afflict nascent platforms such as Solana (SOL) and Arbitrum this year. This is likely to be another prominent trend in 2022, particularly as new networks emerge and develop.

“Investors continue to show a willingness to throw obscene amounts of money into relatively new and/or not sufficiently battle-tested projects when they think the price will go up,” said Paul Sibenik.

This is a view shared to a large extent by Josef Tětek, who also says that the market’s overzealous pursuit for the ‘next big thing’…