The cryptocurrency community is still reeling after a $1.5 million security breach at Bybit. Hackers have absconded with an astounding $1.5 billion in stolen Ethereum. In the aftermath, this incident has rocked the industry to its core. It’s ignited immediate demands for better security standards, with serious implications regarding the safety of any digital asset on exchanges. The Bybit hack demonstrates that in the crypto world, cybercrime is an ever-present threat. Over $6 billion have been plundered from exchanges, DeFi platforms, and blockchain bridges so far this year alone.

The Bybit breach is the most recent in a string of major crypto hacks. Such attacks have haunted the industry since its inception. These attacks lead to millions of dollars in lost education and financial opportunities for students and other members of the institutions affected. They rattle confidence across the entire ecosystem. With each increase in the value of cryptocurrencies, we see a corresponding increase in motivation for bad actors to hack these platforms.

A History of Crypto Hacks

The crypto industry has been a frequent target of cyber criminals. Perhaps the most notorious example is the Mt. Gox hack. At its height, Mt. Gox processed 70% of all Bitcoin transactions in the world. The Mt. Gox hack led to the loss of 850,000 BTC. At the time, that number translated to $450 million. Now, it’s just exploded to more than $40 billion!

Just as big was the Poly Network protocol exploit, in which over $600 million in assets were stolen. This attack, which included the draining of 173,600 ETH (~$35 million) and 25.5 million USDC, demonstrated that no DeFi platform is immune to attack. The saved Poly Network hack wasn’t just the biggest DeFi hack of 2021, it was one of the largest hacks ever recorded.

Even the Ronin Network, which powers the hugely popular game Axie Infinity, experienced a devastating breach in which $615 million was stolen. The coordinated attack involved bad actors using a vulnerability to get away with private keys from validator nodes. This loophole allowed them to siphon off money from the network.

The North Korean Connection

Increasingly, law enforcement agencies and cybersecurity experts have identified North Korea as a key actor in crypto-related cybercrime. The Lazarus Group, an elite hacking collective supported by the North Korean government, was responsible for the $600 million Ronin heist and the $100 million Harmony Horizon Bridge attack in 2022 – just to name a couple of their most high-profile attacks.

Today, North Korea relies on stolen cryptocurrency to prop up its weapons programs and circumvent international sanctions. Fighting crypto crime is about more than just protecting Americans’ financial security. It has quickly become a top national security concern. The scope of these operations is truly mind-boggling. According to estimates, North Korea has stolen up to $2 billion in cryptocurrency over the last few years.

The involvement of nation-state actors like North Korea adds a new layer of complexity to the challenge of securing the crypto ecosystem. Make no mistake, these groups have deep pockets and endless expertise. Consequently, they can conduct novel, complicated attacks that are extremely difficult to identify and defend against.

Strengthening Security Measures

Recent events at the Bybit exchange have sent shockwaves throughout the crypto space. Today, exchanges are rushing to improve their security and protect customer assets. Bybit has guaranteed customers that their funds are safe. The incident has led to some justified concern over whether their security protocols are even remotely up to snuff.

The best thing exchanges can do in this regard is have regular third-party audits from cybersecurity firms. These audits can go a long way toward spotting vulnerable areas before they’re targeted by attackers. Following the UST collapse, exchanges should require the use of multi-signature wallets. This method needs several approvals on behalf of transactions, greatly raising safety from hackers trying to steal assets.

Employee training One of the most important pieces of security that involves employees is training. Exchange staff should receive training to identify and defend against phishing efforts and other forms of social engineering. They need to be empowered with knowledge on the value of strong passwords and safe data storage habits.

Amount lost overall due to cybercrime, including crypto investment fraud, stands at $12.5 billion. This shocking figure is a reminder that we can never let down our guard or stop looking for new approaches in the ongoing battle with crypto criminals. As the industry matures, we must ensure that security continues to stay at least a few steps ahead of the growing and ever-present threats.