Michael Shaulov.

Crypto security in 2024: Looking beyond last year’s dollar drop

"Cybersecurity is always a game of cat and mouse. One side outpaces the other for a time before the roles reverse. This is why anyone involved in crypto security can never afford to have an inaccurate view of where that security stands," writes Michael Shaulov, CEO of Fireblocks

End of year crypto hack reports are rolling in, and the big story is the significant drop in total dollar value stolen. TRM, De.Fi, and Immunefi all marked 2023 losses at around $1.8 billion, a sharp decline from $4 billion in 2022. Multiple news outlets including Bloomberg and TechCrunch have picked up the reports, and the reception by the industry has been one of celebration, with many specifically attributing the drop to better security tech and greater awareness of attack vectors. And while I appreciate the desire to celebrate good news, especially in this industry, I think this celebration is premature. Here’s why.
In 2023, attackers have demonstrated a higher degree of sophistication than in previous years, and the frequency of attacks has increased as well. The simple reality is that attackers are getting to similarly high-value targets, but due to the bear market, these targets usually hold a fraction of the funds they would hold in a 2022-like bull market.
1 View gallery
מוסף שבועי 27.1.22 מיכאל שאולוב מייסד ומנכ"ל פיירבלוקס
מוסף שבועי 27.1.22 מיכאל שאולוב מייסד ומנכ"ל פיירבלוקס
Michael Shaulov.
(Photo: Yulia Ner)
Conclusions about the state of crypto security should be evaluated across multiple dimensions. Certainly, the total dollar amount stolen can tell us something, but we cannot draw conclusions about security and resilience based on this metric alone. Even with evidence of better security technology year over year (of which there is plenty, I will mention a few below) we cannot draw a causal relationship between the two. This is especially true given that crypto hack statistics are so prone to outlier events (like the two $600+ million hacks in 2022). There are too many other factors that have significant bearing on the state of “crypto security” to look at that metric and say much of anything.
One such factor is highlighted in Immunefi’s 2023 annual report: the number of crypto hacks actually increased in 2023 by 89% (319 in 2023 vs 168 in 2022). The quantity of hacks contradicts the notion of an improving security landscape. Furthermore, throughout the entirety of 2023, crypto prices were significantly below all-time highs. Even granting the substantial recovery this past year, total crypto market capitalization is still 30% off the 2022 highs. There was simply less value to extract from the compromised entities last year, a point also highlighted by Chainalysis cybercrime research lead Eric Jardine in October.
Equally concerning is the fact that private key leakage and mismanagement remains a primary culprit for successful attacks. Nearly half of the top hacks of 2023 (the 1st, 3rd, 4th, and 10th largest) were either confirmed or likely instances of private key compromise. This is especially disappointing given the ample warnings that 2022 gave us about private key security. The Ronin, Horizon, and FTX hack were all perpetrated via private key theft. Moreover, widely available enterprise grade platforms for effective wallet and private key security have not been implemented by the aforementioned hack victims.
It is also worth noting that hackers have consistently showcased an ability to adapt and level up their strategies to work around security improvements. Take a look at the highly sophisticated KyberSwap exploit or this AI deepfake of Cardano founder Charles Hoskinson. Also, the passing year saw one of the most advanced supply chain attacks in history - the 3CX double supply chain attack. We as an industry must continue to match hackers in this virtual arms race.
That all said, we’ve certainly made strides. Multi-Party Computation, a technology that removes the single point of compromise of private-keys in crypto wallets has been widely adopted by over 1,800 crypto players that leverage Fireblocks for their security, and exchanges like Coinbase rolling the technology to a wider client base. Web3 transaction simulation tools by companies like Blockaid are also adding necessary and important infrastructure that is leveling the playing field for the good guys, allowing us to detect in advance DeFi based phishing attacks. To win the race in 2024, we need these technologies to gain 100% adoption and properly listed as mandatory controls by regulators and insurance providers.
Cybersecurity is always a game of cat and mouse. One side outpaces the other for a time before the roles reverse. This is why anyone involved in crypto security can never afford to have an inaccurate view of where that security stands; that only widens the gap. We must continue to push, innovate, and be unsatisfied with our progress.
Michael Shaulov is the CEO and co-founder of Fireblocks