Intelligent Fin.tech Issue 05 | Page 19

GAUGING THE MARKET single largest DeFi cryptocurrency hijack of US $ 600 million . With nearly US $ 240 billion locked in , DeFi protocols are a certain target for adversaries .

Smart contract design vulnerabilities
Organisations should look to adopt software that can utilise AI and Machine Learning to detect threats before they even occur .
Under the DeFi umbrella , smart contracts are largely used in interoperability protocols which link multiple blockchains together . Design flaws can allow adversaries to call privileged smart contracts controlling the flow of digital information between linked blockchains . The assets can then be directed into a cybercriminal-controlled address to be traded freely over an exchange . Organisations leveraging smart contract technology need a secure system development life cycle through DevSecOps considerations .
Crypto wallet attacks
Like wallets used to store cash , cryptocurrency is deposited in digital wallets which can be accessed through cryptographic keys . There are two sets of keys , first the public key , which can be used to deposit digital assets in an address just like a bank account number , and secondly , a private key , which can be used to withdraw money from the wallet like a PIN . Private key security is critical to safeguarding the digital assets stored within crypto wallets . Basic attacks on crypto wallets aim to locate files where private keys are stored . However , since 2018 , attackers are re-constructing private keys by decoding electromagnetic signals emitted by devices in an attempt known as a side-channelling attack . Additionally , several attacks on crypto wallets leverage human error , pre-existing vulnerabilities and connection interception which eliminates the need for private keys to hijack a wallet .
There are some major vulnerabilities surrounding blockchain , however , there are systems that can be put in place to detect and limit cyber criminals attacking blockchain technology .
A step in the right direction an illicit transaction was successfully executed on or across blockchain ( s ). Detection of cyberattacks later in their life cycle can lead to adverse financial , reputational and / or regulatory impacts .
To address this gap , organisations should look to adopt software that can utilise AI and Machine Learning to detect threats before they even occur . Through this software , blockchain and crypto firms can collate suspicious on-chain and offchain activities for enhanced visibility of their security posture , simplifying both threat detection and incident response activities . Having software that is built with native out-of-the-box compliance alerting and advanced analytics to identify and flag compliance breaches is also key . In an uncertain regulatory environment , this software will enable blockchain and crypto firms to monitor for compliance and cybersecurity under the same joint effort .
Further still , the identification of cyber-risks affecting blockchain-specific infrastructure is key to the development of proactive cybermaturity efforts . Having the right system can contextualise native intelligence monitoring , in turn , enriching threat detection with near real-time industryspecific intelligence feeds to identify bad actors and APT group campaigns .
It ’ s impossible to stop all cyberattacks , so when a breach occurs a cybersecurity team must be alerted as soon as possible . Falsepositive alerting generates tremendous noise for security teams globally . By utilising Machine Leaning , engines can observe historic true and false positives for similar events using enforced learning to decide whether an alert should be triggered – therefore alerting teams when a real threat is occurring .
What does the future hold ?
Navigating a challenging environment and adopting the best practices can be overwhelming for business and function leaders . With the intertwining of blockchain and cybersecurity in an ever-evolving threats landscape , it is imperative that you continuously enhance your business to match the current landscape . Without proper thought , this implementation can be difficult or even impossible . Blockchain offers many benefits , such as efficiency , optimisation , cost reduction and better security . However , technology also introduces new risks to systems if not properly managed and monitored . �
Past attacks faced by digital asset firms have often been reported only after
www . intelligentfin . tech
19