For the first 13 years of cryptocurrency's existence, exchanges
were the epicenter of cybercrime. Peer-to-peer crypto networks have now become
a larger hacking concern in the rapidly expanding industry.
Poly Network,
one of these sites, was the target of a $610 million crypto heist last week,
one of the largest in history. The decentralised finance (DeFi) network claimed
the "white hat" hacker or hackers had returned almost all of the
money within days of the theft.
Interviews
with industry leaders, attorneys, and analysts reveal that the unexpected
conclusion to the Poly Network story conceals fast-emerging dangers in this
expanding sector of crypto, where an estimated $80 billion or more is stored.
DeFi services
enable users to lend, borrow, and store bitcoins while avoiding conventional
financial gatekeepers like banks and exchanges. Supporters argue that the
technology allows for more affordable and efficient access to financial
services.
However, the theft
at Poly Network, a previously unknown site, has shown DeFi's susceptibility to
criminality.
Bugs in the
open-source code used by websites are often exploited by would-be thieves. And,
since regulation is still uneven, victims often have little or no redress.
Crypto
cybercriminals have previously targeted centralized exchanges, which serve as
intermediaries between buyers and sellers of cryptocurrency.
Mt.Gox, a
Tokyo-based exchange, for example, was hacked and lost half a billion dollars
in 2014. In 2018, a $530 million theft struck Coincheck, which is also
headquartered in Tokyo.
Many big
exchanges have subsequently beefed up security in the face of regulatory
scrutiny and the need to attract mainstream investors, and large-scale heists
are now uncommon.
LESS SAFETY
According to
Ross Middleton, chief financial officer of DeFi platform DeversiFi, a focus on
security at big platforms like Coinbase Global Inc has pushed less-secure
venues to the sidelines.
"What's happened is that the larger exchanges have become very excellent (on security), and the lesser exchanges have vanished," he said. "At this point, the border is unmistakably DeFi."
According to
crypto intelligence company CipherTrace, losses from crime on DeFi platforms
are at an all-time high, with thieves, hackers, and fraudsters making off with
$474 million from January to July.
The increase
occurred when money flowed into DeFi, reflecting overall crypto movements.
According to DeFi Pulse, the overall worth of such sites has risen to more than
$80 billion, up from only $6 billion a year ago.
Security
concerns, according to DeFi experts, tend to be found on newer sites that may
operate on less secure code.
"The security and risk gap between established, battle-tested DeFi protocols and new, untested DeFi protocols is growing," said Rune Christensen, the former director of the organization behind high-profile DeFi software Maker.
The usage of
open-source code, according to proponents, allows users to rapidly identify and
resolve flaws, lowering the risk of crime. They claim that DeFi can police
itself.
DeFi is
becoming more important to financial regulators and governments across the
globe that are seeking to regulate the crypto industry.
ACTIONS TAKEN BY THE LAW ENFORCEMENT
Gary Gensler,
the chairman of the Securities and Exchange Commission (SEC), has indicated
that he would take a strong position on DeFi.
In a speech
earlier this month, he said that such platforms might be covered by securities
laws in the United States, and urged Congress to create legislation to regulate
DeFi and crypto trading.
The SEC filed its first enforcement action against DeFi
tech this month, claiming that the business sold unregistered
securities and deceived investors. Further inquiries about the SEC's position
were not answered.
The US
Commodity Futures Trading Commission has also indicated that it would be
scrutinized more closely.
CommissionerDan Berkovitz referred to DeFi as a
"Hobbesian marketplace" in June, referring to a 17th
century philosopher who described life without government as "nasty,
brutish, and short." He said that unlicensed DeFi systems for derivatives
were breaking commodities trading regulations.
Moves are
slower elsewhere. In the United Kingdom, for example, DeFi is still off the
political radar.
While certain
DeFi operations may come within its purview, most of the industry is
uncontrolled, according to a spokesman for the UK's financial watchdog.
According to
some experts, further regulation is unavoidable, since there is little evidence
that DeFi sites can perform the job on their own.
"The sad issue is that in the DeFi industry, (Poly Network) was viewed as simply another Tuesday," said Tim Swanson of blockchain company Clearmatics.
"The industry loves to brag about how open its processes are, but it has repeatedly shown that it is incapable of regulating itself."
0 Comments