"Hackers Need To Get Lucky Only Once" - Excerpts on Fighting Crypto Hacks, Theft and Fraud

Earlier this month, blockchain analytics firm Elliptic reported $376 million was lost in crypto hacks in merely 5 days. That is an incredulous number, and even more alarming is the frequency of hacks. In August, the BBC reported:

“Incidents involving tens of millions, or even hundreds of millions, of dollars are happening almost every few months”

It seems “few months” has transitioned to “few weeks” or even “few days”, even as crypto activity reaches record-breaking highs.

Yet fighting against crypto hacks, thefts and fraud is fundamentally hard. Crypto exchanges and custodians need to defend against every assault, whereas assailants only need to prevail once.

“We only have to be lucky once, you will have to be lucky always”

-The words of the Irish Republican Army when they narrowly failed to assassinate then-Prime Minister Margaret Thatcher in 1984

Furthermore, unlike traditional financial institutions that are regulated and insured (e.g. by FDIC in the US and SDIC in Singapore), much of the crypto world remain unregulated or in the ‘gray’ zone, where options for recourse are limited at best.

As a result of these challenges, I believe that we will see the increasing prominence of several industry verticals, from regtech to trust & safety. These industries have already existed for decades, mostly to serve environments prone to fraud and attacks: financial services, peer-to-peer marketplaces, etc. The explosion of crypto and blockchain in 2021 creates not just another complex environment to manage but also carries implications across existing non-blockchain-native environments.

To better understand how this looks like, I decided to ask a few trust & safety professionals:

How will trust & safety evolve in 2022, especially with the rise of blockchain & crypto?

Here’s what some of the trust & safety professionals have shared

Zxane Maddox Soo Zhang Hong, Trust & Safety Specialist, Wikimedia

Trust & safety will see their function expand from not just only creating a safe and inclusive environment for end users but into a focus where trust have to be actively built within the community in terms of NFT Products. This will be especially important for customer retention.

Vejeps Ephi Kingsly, Assistant Vice President — Strategy and Practice — Trust and Safety, Genpact

While various regulations are being drafted for web 2.0, we are at the cusp of web 3.0. With evolving user behavior and technological adoptions (eg. -AR/VR/XR), the role of trust and safety would be significant to deliver trusted experiences while managing context and nuance. 2022 would demand huge AI/Tech strides and people skills in Trust and Safety to solve every nuance of content abuse to NFT frauds. There is a tussle between centralized and decentralized systems of safety, privacy, and decision-making. The next phase of the internet would need a better understanding, structures, and implementation of solutions.

Christopher Lin, Global Head of Risk and Response, Trust and Safety, Kuaishou Technology

In 2022, we’ll see pioneering companies start thinking about the user’s role in managing personal safety in the metaverse where the effects of harmful behaviours treble. As countries compete, the proliferation of cross-jurisdiction legislation on data localisation, privacy, and market access will present trade-offs between privacy and safety.

Chakshu Raina, Vice President Of Product Management, Nium

Trust is first in the new world. An early investment in user trust will be a moat for crypto companies as regulators get more vigilant.

Vanessa Sutandar, Trust & Safety Lead, BukuWarung

The blockchain does not generate or get rid of trust. It purely converts trust from one form to another: From financial institutions to the technology itself.

Mahmoud Laajimi, Trust & Safety Ops Lead, Accenture

Trust and safety needs to keep up with the technological developments of financial services, and therefore must extend coverage to crypto transactions

Andreas Yudhistira, Driver Fraud, Trust and Safety, Shopee

Trust & safety are mindsets. See how we believe that cryptocurrency is a ‘trustworthy’ instrument, as an alternative to existing currency that is prone to failure management by financial institution

Why 2022 will be the year for blockchain compliance, regtech, trust and safety

As many of the risks, frauds, and attacks in the blockchain and crypto space became increasingly known in recent, I believe 2022 will be the year where we see the rise of many promising companies in blockchain compliance, regtech, and trust and safety addressing these challenges.

Like in Web2.0 cyber security, there can be no end - as long as there are aggressors, there will always be a need for defenders. Yet what we can all take heart and encouragement in is many of the “unknown unknowns” are finally becoming “known unknowns” (e.g. how to travel rule will impact the ‘trustless’ promise of crypto exchanges) and “known knowns” (e.g. AML/KYC for on- and off-ramps).

If you’re thinking of, or currently are building solutions in blockchain and crypto compliance, regtech or trust & safety, do connect with me on LinkedIn here, or [email protected]. Let’s continue the conversations, and keep up the fight!

Disclaimer: All opinions and views are views of their own and do not represent the views of their employer and affiliates.