As cryptocurrency adoption increases and project building on Web3 becomes more popular, blockchain security has become a mainstay for users and developers. In a conversation with TinTucBitcoin, Hacken CEO Dyma Budorin highlighted the need for comprehensive compliance solutions by 2025.
The Need for Greater Security Measures
As 2025 approaches, experts are assessing the frequency of data breaches that blockchain has faced and their negative impact on user experience. This year, cryptocurrency security breaches have escalated, with losses surpassing $2.9 billion across multiple industries, according to the recent Web3 security report developed by cybersecurity firm Hacken.
Access control vulnerabilities have emerged as the dominant threat vector, contributing to 75% of all attacks. This trend, observed across DeFi, CeFi, and gaming/metaverse platforms, highlights the prevalence of security weaknesses related to operational security and access management. Phishing scams also caused significant losses, exceeding $600 million.
“It is clear that the industry cannot ignore operational security. Comprehensive auditing, strict access control protocols, and sustainable key management systems need to become the norm,” Mr. Budorin said in an interview with TinTucBitcoin.
The significant losses experienced in 2024 highlight the urgent need for the cryptocurrency industry to prioritize overarching security measures and comprehensive audits to mitigate future breaches and protect user assets.
A Bad Year for Access Control
Budorin identifies access control issues as the most important challenge facing blockchain security today, especially the compromise of private keys within project teams, affecting CEOs and developers. According to Hacken’s report, in 2024, access control breaches, mainly related to private key compromise, resulted in losses exceeding $1.7 billion. This is a significant increase from $1 billion the previous year.
“Notably, major incidents such as Radiant Capital and Orbit Bridge highlight the consequences of poor key management and the absence of multi-signature solutions or regular audits,” Mr. Budorin added.
In October, a major attack on Radiant Capital caused $55 million in losses and affected more than 10K users. The attack exploited vulnerabilities to gain control of three Radiant private keys, allowing the attackers to withdraw funds from the platform.
Attackers exploited the vulnerability by injecting malware into developer devices, allowing them to block and manipulate legitimate transaction approvals despite the use of a hardware wallet.
Orbit Bridge, a cross-chain bridging service, suffered a larger attack on New Year’s Eve last year, resulting in approximately $82 million in losses. According to Hacken, this incident marks the largest DeFi hack of 2023. Despite the use of multi-signature technology, which requires multiple parties to validate transactions, the attacker compromised seven out of ten validators, highlighting serious flaws in the system. The stolen funds were mainly stablecoins, including 30 million USDT, 10 million USDC, and 10 million DAI. In addition, 231 WBTC (10 million USD) and 9,500 ETH (21.5 million USD) were also stolen. The attackers transferred the stolen funds through an intermediary address before laundering them through a cryptocurrency mixer.
Prioritize Higher Cyber Security Standards
By 2025, mandatory compliance should become a reality for all projects developing on blockchain, Mr. Budorin said.
“Mandatory compliance by 2025 will mark a turning point for the cryptocurrency industry, promoting much-needed transparency, accountability, and operational sustainability,” Budorin told TinTucBitcoin. “Regulations such as MiCA (Markets in Crypto Assets), DORA (Digital Operations Sustainability Act), and the AML Package will require centralized cryptocurrency service providers, fiduciaries, and other partners to apply higher cybersecurity standards, robust reporting mechanisms, and rigorous operating procedures.”
In addition to these legal regulations, Budorin calls on all blockchain projects to address cybersecurity by complying with the Cryptocurrency Security Standard (CCSS). CCSS provides a comprehensive framework to enhance the security of cryptocurrency systems, and its structure emphasizes thorough key management practices. In its compliance mechanisms, CCSS requires secure key generation using standard random bit generators to minimize the risk of key compromise.
Encrypted storage and controlled access mechanisms are implemented to prevent unauthorized use of keys. In addition, correctly implementing multi-signature setups and distributed key management minimizes the risk of exploitation by a single entity. These standards recommend adopting multi-layered security measures, performing regular security audits, and establishing strict access control guidelines.
By complying with CCSS, organizations can significantly improve their ability to protect private keys. This will reduce the frequency and severity of security breaches related to access control vulnerabilities. Budorin believes that such losses could have been avoided if Radiant Capital and Orbit Bridge had complied with CCSS guidelines.
UAE Positions Itself as a Leader in Blockchain Security
Some countries have adopted extensive protocols to ensure Web3 participants follow operational security practices.
“The UAE, and specifically Abu Dhabi Global Market (ADGM), is emerging as a global leader in blockchain security and innovation thanks to its progressive regulatory framework, strategic vision and ability to leverage a developed technology ecosystem,” Mr. Budorin said.
ADGM is a financial free zone on Al Maryah Island in Abu Dhabi. Established in 2013 by Federal Decree, ADGM is the city’s financial center, with its own independent legal and regulatory framework.
“ADGM has established itself as a regulatory pioneer, balancing innovation and compliance. By creating clear, progressive guidelines for blockchain and digital assets, ADGM attracts businesses looking for a secure, compliant environment to grow,” Budorin explained.
In April, ADGM and Hacken signed a Memorandum of Understanding (MoU) to collaborate on enhancing blockchain security. This alliance aims to develop effective security standards and on-chain tracking solutions within the ADGM DLT Platform framework.
“Together, we are working to set global standards for Web3 security by providing advanced security audits, penetration testing, and compliance solutions for blockchain projects in UAE and beyond,” Mr. Budorin said.
Mr. Budorin hopes to see more collaborative efforts in the future, prioritizing security and promoting a sustainable Web3 ecosystem.