- Buy Microsoft Visio Professional or Microsoft Project Professional 2024 for just $80
- Get Microsoft Office Pro and Windows 11 Pro for 87% off with this bundle
- Buy or gift a Babbel subscription for 78% off to learn a new language - new low price
- Join BJ's Wholesale Club for just $20 right now to save on holiday shopping
- This $28 'magic arm' makes taking pictures so much easier (and it's only $20 for Black Friday)
Bitcoin Soars but Will Security Risks Spark Greater Regulation?
By Marcella Arthur – VP, Global Marketing at Unbound Tech
Cryptocurrency is now the third largest payment system in the world, hot on the heels of Visa and Mastercard after roaring past American Express. This remarkable growth has led to Bitcoin breaking through the $20,000 level for the first time and even more organizations are accepting digital currency in their transactions as crypto hurtles towards the mainstream.
Regrettably, entirely avoidable hacking incidents such as that which hit the major cryptocurrency exchange, KuCoin, in September last year have exposed a lack of basic safeguards. The KuCoin attack saw 150 million dollars’ worth of Bitcoin and other cryptocurrency tokens compromised. This astounding blunder, considering current security standards, happened when hackers found the full private keys to the Singapore-based exchange’s hot wallets.
With the rise in popularity of Bitcoin and other cryptocurrencies, cryptocurrency exchanges are increasingly considered to be the new banks. As they store these currencies in high value, they become a prime target for cyber attacks. If the industry fails to self-manage this ecosystem and protect assets effectively, we can expect to see greater and more restrictive regulation. This poses a challenge for wider adoption among larger institutions and banks with strict views on risk and compliance. In order to avoid becoming overregulated, this mushrooming sector requires a pre-emptive, rigorous security strategy to keep hackers at bay.
Protecting assets must now be the focus
The KuCoin attack is a wakeup call for the crypto exchange platforms. Following this attack, it should be obvious to everyone that full cryptographic keys should never again be kept in one place. Headline grabbing incidents such as KuCoin are incredibly frustrating because they should be simple to avoid. The reality is that while entrepreneurs are great at knowing how to build companies, all too many don’t necessarily think about how to protect assets from a security point of view.
Essentially, to tackle security properly it is necessary to hire the right people. For example, small start-up businesses/companies that don’t have a CSO because budgets are tight should hire an SaaS vendor if at all possible as a secure infrastructure is vital. As businesses grow and start to manage more assets and can afford full-time security staff, they should start to rely on professionals to secure their infrastructure for them, either in-house or externally. Often the problems arise when entrepreneurs misguidedly believe they have enough knowledge to do the security on their own.
The industry is turning to MPC
As the industry continues to evolve from the speculative phase into a new generation, the game is set to change significantly and security will have to be at its core. It is important that financial institutions work to raise confidence in crypto as a reliable way to transfer value.
The time has come for the crypto industry to improve its security and set a better precedent. Otherwise it is likely to become over regulated. With new investors joining the market with a very different mindset on risk factors, they are going to vote with their money and will chose to invest in firms that can demonstrate regulatory compliance or have a framework to demonstrate they can do what is necessary to secure their investments.
Technology solutions are available to deal with the security of assets and for any licensed or unlicensed financial institution there should be a long-term strategy to invest in these types of solutions so that they can give confidence to market participants and elevate the industry as a whole.
One such solution is multi-party computation (MPC), a cryptographic protocol that distributes computation across multiple parties and ensures privacy so no individual can see the other parties’ secrets. MPC never keeps keys in one place and offers strong cryptographic key protection capabilities in pure software, allowing organizations to perform calculations on encrypted data without unencrypting it.
MPC has so many potential use cases that an entire organization has been founded around it, The MPC Alliance, co-founded by Unbound Technology and Frank Weiner, Sepior, brings the industry together and raises awareness. Since its launch in November 2019, its membership has tripled and major global companies are getting involved. More vendors are offering MPC-based wallets and the market is becoming much more aware of it, so the conversation around MPC is set to continue and evolve.
Protecting a burgeoning market
There’s no doubt it is going to be a real challenge to persuade firms to make some major changes in order to achieve incremental improvements in their data security. However, this challenge is easily overcome because along with being an enhanced platform for operational security, MPC is a superior operation framework which can provide enough cost savings to pay for itself.
With more and more firms realising this and starting to see the benefits of MPC for themselves they will be able to use its flexibility and agility to support their evolution along with the rapidly changing crypto currency market which will help to safeguard its future.
About the Author
Marcella Arthur is VP, Global Marketing at Unbound Technology. At the heart of Unbound lie sophisticated applications of Multi-Party Computation (MPC), developed by Unbound’s co-founders, Professor Yehuda Lindell and Professor Nigel Smart, world-renowned cryptographers. MPC offers a mathematical guarantee of security that fortifies Unbound’s disruptive technology. For the first time, trust-contingent operations are enabled anywhere, reaching far beyond the boundaries of physical infrastructure.