Carbon Black estimates that more than $1 billion in cryptocurrency was stolen in the first half of 2018 alone. And though cryptocurrency custodians must wrestle with some of the same security risks as traditional financial markets do, the crypto environment presents some unique challenges.
The digital environment needs fortification, of course, via a secure network, encryption technologies, and other anti-hacking defenses. But the other, not so obvious, risk area is protecting the cryptocurrency assets held in cold storage. With cold storage, private crypto keys are physically stored offline or on a computer that is isolated from the network. In many ways, it’s considered a safer alternative to hot storage, in which private keys are stored online.
To protect these small, but highly valuable assets, custodians must identify and mitigate the risk exposure associated with storage and transportation of the private keys. Those risks include the size of the devices, identity management, access control, physical and operational risks, and the potential for violence.
In the infographic that follows, we explore each of these risks in more detail and highlight why cryptocurrency fraud prevention requires special consideration.
It is no secret that cryptocurrency is captivating audiences and opportunists on a global scale. By utilizing the cryptocurrency model of block chain technology, users can perform transactions more quickly and anonymously. As such, many believe cryptocurrency was initially created to facilitate illicit activity such as human trafficking and narcotics. That impression has since been replaced as more and more people discover the ability to purchase goods and services without bank fees and potentially a higher gain on the amount of currency invested in the blockchain system.
Still, many risks remain. And the crypto exchanges are looking for new ways to mitigate these risks, which include:
Spreading risk is a widely accepted way to succeed in the financial market. But the complex way in which certain risks are dispersed across anonymous networks or computers in a crypto exchange makes is difficult to pinpoint the exact source of a threat or risk in the system.
The anonymous, digital nature of cryptocurrency transactions means there is a natural lack of control and physical security. This allows new opportunities for someone with malicious intent.
Lack of Control:
Typically, network administrators and advanced computer engineers can develop robust controls to ensure the cryptocurrency is able to be stored and used as appropriate. But what happens if the device is stored on a thumb drive and is stolen or damaged? What happens if someone performs a tiger kidnap and forces transactions to take place?
Potential for Significant Loss:
Unlike in a vault robbery where millions of dollars in bulky and heavy currency takes multiple trips to remove from a vault, the same amount can be removed in seconds with a thumb drive into an anonymous sea of computers.
These and many other areas of risk are driving the cryptocurrency exchanges to invest in insurance. Insurance syndicates and others are responding by addressing how to validate the actual quantum of the currency and how to define the policies and exclusions that will protect these growing networks.
Meanwhile, the cryptocurrency exchanges will continue their efforts to identify and mitigate current and future threats to the trust and safety of their networks.