Disclosure: The views and opinions expressed herein are solely those of the author and do not represent the views and opinions of the crypto.news editorial.
2023 has been characterized by bearish conditions that flattened markets and a strong focus on regulation and compliance through the lens of large-scale collapses and fraud incidents in 2022.
However, things rarely stay quiet for long in this industry and change is already in the air. While the issue of prison sentences for Sam Bankman-Fried and Changpeng Zhao may still be pending, the drama of the legal battles appears to be largely resolved, and the sector is buzzing with anticipation of a new bull market in the year ahead. The expected approval of a spot ETF and the upcoming bitcoin halving add to the growing speculation.
While a change in market conditions is good news, it inevitably brings new challenges for web3 security professionals. Here are three macro trends that will shape the web3 security landscape over the next year.
Hacks and scams are on the rise
Cybercriminal activity on web3 has an unfortunate tendency to follow the ebb and flow of the markets. According to the US Federal Trade Commission, crypto scam losses in 2021, when bitcoin (BTC) hit its all-time high, were sixty times the levels seen in 2018. However, the most recent data from Chainalysis suggests that fraudulent activity was reduced by up to 77% in 2023 compared to the previous year.
However, Chainalysis notes that certain types of fraudulent activity, particularly phishing scams, are actually showing an increase. Furthermore, if the market recovers in 2024, as many analysts believe it will, scammers will once again be attracted to the financial opportunities of cryptocurrencies.
Ransomware will increase in 2023 | Source: Chainalysis
Therefore, we are likely to see not only an increase in the number of scams, but also increasing levels of sophistication and consolidation in the activity of scammers. An example is advanced evasion techniques designed to cover up fraudulent actions. These include spoofing, which involves disguising malicious entities as benign by imitating legitimate characteristics; transformation, where fraudsters change the behavior of a smart contract based on context; and obfuscation, making it difficult to detect and understand harmful code.
Off-chain signatures, which allow transactions to be signed without transmitting them to the blockchain network, are another area of vulnerability that scammers take advantage of. In signature phishing scams, the attacker will create a scenario such as a fake dapp that requires the user to generate an off-chain signature for a transaction that appears legitimate. An example could be providing a signature to include an NFT, where the user inadvertently signs a transaction that will allow the scammer to drain all the NFTs from their wallet.
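The kind of check a wallet or browser extension can run on an off-chain signing request before the user sees it, as an added example that is not part of the original article. It assumes the request arrives as EIP-712 typed data; the function name, finding labels, order field layout and sample request are illustrative assumptions.

```javascript
// Added example, not from the article: triage of an EIP-712 typed-data
// signing request before a wallet prompts the user. Heuristics, finding
// names and the sample request are constructed assumptions.
const MAX_UINT256 = (1n << 256n) - 1n;
const toBigInt = (v) => { try { return BigInt(v); } catch { return 0n; } };

function reviewSignRequest(req, signer, knownContracts = []) {
  const findings = [];
  const msg = req.message || {};
  const me = signer.toLowerCase();
  const contract = String((req.domain || {}).verifyingContract || "").toLowerCase();

  // A verifying contract the wallet has never vetted deserves a louder prompt.
  if (!knownContracts.map((c) => c.toLowerCase()).includes(contract)) {
    findings.push("unknown-verifying-contract");
  }
  // Permit-style message: the signature itself grants a token allowance.
  if (req.primaryType === "Permit") {
    findings.push("grants-allowance");
    if (toBigInt(msg.value) === MAX_UINT256) findings.push("unlimited-allowance");
  }
  // Order-style message: compare what leaves the wallet with what comes back.
  if (Array.isArray(msg.offer) && Array.isArray(msg.consideration)) {
    const paidToSigner = msg.consideration
      .filter((c) => String(c.recipient).toLowerCase() === me)
      .reduce((sum, c) => sum + toBigInt(c.startAmount), 0n);
    if (msg.offer.length > 0 && paidToSigner === 0n) findings.push("assets-for-nothing");
    if (msg.offer.length > 1) findings.push("bulk-offer");
  }
  return findings;
}

// Constructed sample: a "listing" that offers three NFTs and pays the signer nothing.
const SIGNER = "0x1111111111111111111111111111111111111111";
const MARKET = "0x2222222222222222222222222222222222222222";
const sampleListing = {
  primaryType: "OrderComponents",
  domain: { name: "ExampleMarket", verifyingContract: MARKET },
  message: {
    offerer: SIGNER,
    offer: ["1", "2", "3"].map((id) => ({
      token: "0x3333333333333333333333333333333333333333", identifierOrCriteria: id, startAmount: "1",
    })),
    consideration: [{ recipient: "0x4444444444444444444444444444444444444444", startAmount: "1" }],
  },
};

console.log(reviewSignRequest(sampleListing, SIGNER));
```

An empty result means only that none of these heuristics fired; unparseable amounts are counted as zero so that malformed requests lean toward a warning.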
The recent shutdown of Inferno Drainer, a toolkit that equips fraudsters with the technical means to steal from wallets, is certainly good news for the industry. However, it is unlikely to be the last of its kind, given that it is reportedly responsible for stealing $80 million in cryptocurrency this year alone. We can expect to see more of this type of consolidation activity among scammers in 2024.
Expanding web3 cybersecurity capabilities
Just as fraudulent activity will become more sophisticated, the web3 cybersecurity ecosystem is also gaining new features and tools to help fight scams and illicit activities. Attack detection protocols have already identified attacks that have occurred, including the theft of $33 million from SushiSwap in April 2023, before the funds were withdrawn.
On-chain extensions, similar to wallet extensions, can further support threat prevention by performing risk monitoring using real-time on-chain data, providing an additional layer of protection for users and protocols.
Furthermore, on-chain data and analytics will take on new dimensions thanks to the growing participation of TradFi and institutional liquidity, bifurcating the sector. The open, pseudonymous, and permissionless protocols that dominate the industry today will increasingly operate alongside their permissioned, compliant, and secure counterparts. Additional layers of data and information will improve the capability and accuracy of risk profiling, benefits that may be compounded by new advances in artificial intelligence and machine learning.
A more strategic web3 cybersecurity approach
With each market cycle, the maturity of the crypto and web3 space grows. Projects and companies are increasingly aware that they must go beyond a code audit to demonstrate a commitment to cybersecurity and stay one step ahead of fraudsters. A comprehensive strategy is required that starts with secure design and extends to threat monitoring and prevention solutions.
Threat management must take a holistic approach to risk, using preventive measures such as asset segregation and transaction detection, combined with mitigation measures such as circuit breakers, along with reactive relief such as insurance.
To meet this demand, vendors like Forta have developed cybersecurity tools, such as blockchain scam detectors and attack detectors, that are designed specifically for the needs and threats faced by Web3 operators.
Looking ahead to the year 2024, the palpable sense of optimism is long-awaited and deserved. However, aware of the risks that increased wealth and liquidity will bring, Web3 companies must be prepared for a new wave of threats facing the industry and have all their cybersecurity barriers in place to keep assets and users safe.