Rob Behnke
January 10th, 2022
In just 5 short years the crypto sector has gone from just over $7 billion in market capitalization to a multi trillion dollar asset class, and this explosive growth has naturally ushered in a wave of developers, investors, companies, financial institutions and now governments.
More people than ever are opening up to the possibilities and use cases that blockchain technology brings, ushering in a number of new and evolving trends as we embark into 2022.
Whenever a trend experiences significant growth in terms of users and capital flows, this naturally attracts more bad actors to that space, as new attack vectors are opened up, and cybersecurity practices in new areas are often not fully understood or put in place. Additionally, some of these trends and technologies are gaining adoption at a rapid rate, increasing the urgency to concurrently adopt good security practices to keep data and crypto assets safe.
On our blog, we’ve covered a number of ways to keep your data, devices, and networks safe, but many of the emerging blockchain trends will bring new security concerns to the blockchain and its users. So, in this article, we’ll have a look at the biggest trends coming to the blockchain space in 2022 and beyond, and the potential security threats to look out for when interacting with companies, projects, crypto wallets and other technology in these spaces.
When Meta (formally Facebook) first announced its plans to spend billions on building out its metaverse infrastructure, it caused a shockwave across technology and general news sectors. However, those who are heavily involved in blockchain technology are no stranger to the metaverse and the services that already exist in this space. There are a number of projects that currently have functioning metaverses including Axie Infinity, Decentraland, The Sandbox and many more – and a number of these projects are currently experiencing rapid growth on the back of Meta’s announcement.
Many of the current metaverse projects require that users connect their cryptocurrency wallets to interact with them, as gameplay and interaction need to be attached to a unique identity – that being your wallet’s public address. And, just as in the real world, your wallet is used to purchase items such as land, clothing, art and other things. However, having an attached crypto wallet such as MetaMask is where the security concerns within the metaverse start to take shape, so we’ll have to look at that and other cybersecurity issues within the metaverse.
Digital wallet security issues come into play in the metaverse, just as they do anywhere else in the crypto space. One of the most popular crypto wallets to use in current metaverse applications is MetaMask and there have been countless reports of compromised wallets in the metaverse, which resulted in stolen funds and NFTs. Everything from fake airdrops meant to phish users’ accounts, to compromised keys, the metaverse adds another complex attack vector to the blockchain. Additionally, VR technologies like Oculus and HTC Vive, which will become a centerpiece in metaverse interaction, have also proven to be vulnerable to hacks.
As the metaverse space evolves, so will the possibilities to have sensitive data leaked. And being that Meta, Microsoft, and many others already have plans for bringing the metaverse into work environments, the risks to information security are likely to increase over time. That said, as you start to integrate these new technologies into your day to day processes, be sure to follow InfoSec best practices to help keep your information as secure as possible.
Non-fungible tokens are cryptographic collectable tokens that represent something unique and that cannot be replicated. Over the past couple of years, the market of NFT sales quadrupled to $250 million, and has seen well known artists such as Beeple selling their crypto art through NFTs for millions of dollars. These large sums of money and new technology have attracted a whole new wave of consumers into the crypto space, and whenever a new technology sector experiences massive growth, cybercriminals are naturally given more opportunities to exploit users.
Recently, The Verge reported that OpenSea – the primary marketplace for NFTs – needed to fix a vulnerability in their platform that would let hackers drain users wallets by sending them a maliciously crafted NFT. For instance, you could open up your wallet one day, notice a seamingly free NFT, try to send that NFT out to another wallet or simply interact with it in any way, and from there the hacker could drain funds from the wallet. This hack would work because the user would be exposing their wallet details in the process.
The best practice when interacting with any marketplace in the NFT space, such as Rarible, OpenSea, or any other platforms and wallets, is to:
and
For more info on NFT security, check out our blog post How NFT Security Is Impacted by Blockchain Security.
More people than ever are interacting with Bitcoin and Ethereum, which has forced banks to acknowledge the growing popularity of cryptocurrencies and begin to integrate them into their services. Additionally, the FDIC has been working on a way to allow banks to hold crypto assets, and a catalyst like this could introduce a whole new wave of people to crypto assets and the world of blockchain. And, although it’s difficult to know the exact size of the financial services industry, most studies estimate it being up to 25% of the world economy. If that’s any indication of the number of people that could be interacting with cryptocurrency and digital assets in the coming years, this will open up an incredibly large attack vector that hackers could target.
If banks allow users to transfer digital assets into and out of their accounts via the blockchain, much in the same way crypto exchanges do, there will be a much larger number of people exposed to the security risks that come along with handling crypto assets. The need to use things like password managers, cryptocurrency wallets, and InfoSec best practices will become more important than ever, as once assets leave an FDIC-insured account, the user is essentially on their own when it comes to asset security. The crypto banking space is still highly in development, but with a proper decision or announcement, this sector of crypto could see huge adoption at any given point in 2022.
In addition to financial institutions becoming more involved in blockchain and crypto, another area of finance taking the world by storm is decentralized finance (or DeFi). In DeFi, rather than needing a bank for things like insurance, loans, and currency exchanges, DeFi platforms such as AAVE provide a platform for investors and asset holders to exchange value in a trusted environment, without the need for a trusted intermediary. The result of this innovation has seen the decentralized finance sector go from approximately $50 million in market cap at the beginning of 2017 to approximately $150 billion in 2022.
One of the big criticisms with DeFi platforms is that they are being developed too fast, resulting in erroneous code that hackers can exploit. Although that doesn’t speak for all platforms in the decentralized finance space, there have been a number of hacks that have resulted in millions of dollars lost. Two examples of such DeFi hacks include the ones that occurred on Alpha Homora, where the cybercriminal was able to extract $37.5 million in funds, and the Poly Network hack that resulted in over $600 million in funds being stolen and then surprisingly returned by the hacker. Check out our recently published recap of the 10 Biggest DeFi Hacks of 2021, showcasing the enormity of the security problem in DeFi.
As with other areas of crypto, best practices with sensitive data like seed phrases, passwords, keeping hardware and software up to date, and proper due diligence on platforms you use, should all be followed to avoid becoming the victim of a DeFi hack.
Most people associate blockchain with cryptocurrencies and financial applications, and are unaware that blockchain technology also serves an array of functions that involve tracking, security, asset title transfers, tax regulation and have many real-world use cases. For example, luxury car manufacturer BMW has worked with the popular VeChainThor blockchain to develop a car security platform, and Google has tapped the decentralized blockchain oracle network Chainlink as its official Cloud Partner, showing the tech giant’s deep interest in blockchain technology. And with blockchain gaining more momentum than ever, the chances of these technologies affecting your operations or a company you work with in 2022 increase as well.
One of the big security topics of 2021 was ransomware. And as we see more blockchains and blockchain tech being deployed in organizations, we may also see the rise of ransomware attacks in 2022 and beyond. Especially if your organization is considering implementing blockchain tech or scaling its current blockchain solution, knowing how to spot and protect yourself from ransomware attacks should be a top priority. We have an article that covers this topic in detail here.
Blockchain has been one of the most popular discussed trends of the last decade, and with that, true mass adoption is on the horizon. Cybercriminals are fully aware of this growth and continually evolve their strategies to steal pass phrases and credentials, as well as get unauthorized access to sensitive information. In 2022, as blockchain grows and your organization and stakeholders grow with it, you’ll want to know how you can keep your data as safe as possible. To find out how you can protect yourself and your organization, reach out to our blockchain cybersecurity experts at halborn@protonmail.com.