There is a lot of money—both fiat and virtual—in cryptocurrencies.
The growth of these blockchain-based online assets made headlines throughout 2017. The price of Bitcoin, likely the best-known cryptocurrency, rose from less than US$800 to over US$17,000 in the space of 12 months. Bitcoin’s 1000% rise, however, is not enough to put it on the top 10 list of the best performing cryptocurrencies this past year. At the top of that list is Ripple, which rose 36,000 percent in 2017. Hundreds of different cryptocurrencies are in use, with more launching every day. As the skyrocketing price of many cryptocurrencies makes the news, more consumers are thinking about investing. At the same time, more hackers are examining different platforms for weaknesses to exploit.
The amount of money stored in convertible virtual currency makes it is an extraordinarily tempting target for hackers. In October, the Commodity Futures Trading Commission warned that the digital wallets used to store cryptocurrencies and virtual currency exchanges are cyberattacks. This prediction was fulfilled last week, when Ernst & Young reported that more than 10 percent of all funds in initial coin offering are lost or stolen through hacker attacks.
Cryptocurrency platforms have wildly different safeguards to defend against hacking. They are not subject to the supervision that applies to regulated exchanges, putting consumers at risk of losing their virtual assets. The decentralization and irreversibility of blockchain-based cryptocurrencies sets them apart—but it means that there is little recourse once an account is hacked.
On Saturday, the Japanese cryptocurrency exchange Coincheck announced that hackers had stolen US$535 million. A month ago, the parent company of South Korean cryptocurrency exchange Youbit declared bankruptcy after a hacker took 17 percent of Youbit’s assets earlier that year. The most famous hack in the cryptocurrency world was the 2014 loss of US$460 million from Mt. Gox, which quickly led to the bankruptcy of what was the largest Bitcoin exchange in the world. The U.S. Department of Homeland Security has said that a third of bitcoin trading platforms were hacked between 2009 and 2015.
Hackers are also deliberately targeting individual investors. A common method is by calling telecommunications providers and porting the investor’s phone number to a device controlled by the hacker, then resetting the password to the cryptocurrency account and transferring the funds directly to the hacker.
It’s important to remember that while it is difficult to hack into a blockchain-based system, once you load your public key onto a third party like a cryptocurrency exchange, the security of that key is entirely dependent on that third party’s protections. And if a hack does happen, there’s no insurance or Canadian Deposit Insurance Corporation to help regain your funds.
