Cryptocurrency is almost synonymous with “what’s next.” From the probably best-known Bitcoin to Ether, Dogecoin, or any other of the many tokens, crypto has a futuristic air of “tomorrow’s economy today.” With the global cryptocurrency market projected to reach $32,420 billion by 2027 by IMARC Group, digital currency is becoming a fully-fledged, if not yet completely understood, member of the global financial markets.
Yet tomorrow also has brought with it extensive risk, the full range of which isn’t yet even visible.
The massive amount of currency in play, the instability of platforms, and the general lack of regulation around crypto make it a favorite for bad actors. According to Cybersecurity Ventures, crypto crime is predicted to cost the world $30 billion by 2025.
The anonymous aspects of cryptocurrency make it the most-preferred currency by cyber adversaries for carrying out ransomware attacks across industries and for money laundering, terrorist financing, and other crimes. In its analysis of cryptocurrency received by ransomware addresses, Chainalysis identified more than $602 million worth of ransomware payments in 2021, adding that “the true total for 2021 is likely to be much higher.”
The sheer size of the cryptocurrency market makes it impossible to ignore, especially for the traditional banking system as this emerging financial asset class could threaten financial stability.
Decentralized finance (DeFi) platforms, which eliminate the middle layer of banks and other third parties in financial transactions, are one aspect that poses risks. With their promise of facilitating faster and cheaper cross-border payments, they are giving legacy banks a run for their money. To stay current as the world rapidly digitizes, banks must examine the role of these and other blockchain-related technologies – but until regulations, risk monitoring, and governance catch up, the risks are significant.
Primarily seen as a vehicle for speculative investments at present, crypto also lends itself to scams. These include “pump and dump” or “rug pull,” both of which involve raising the price of currency and then dumping it, leaving investors in the cold; phishing scams to gain access to crypto wallets; and much more. The number of cyberattacks on cryptocurrency exchanges is also on the rise.
The explosive growth of the “Metaverse” in recent months has caught the attention of crypto investors. While this new frontier of the internet holds the potential to transform the e-commerce, entertainment, and other industries and can potentially merge the physical and the virtual worlds, concerns around data security and privacy, cybersecurity, and mental health issues, among others, are also growing rapidly. What makes the situation more precarious is the current lack of regulation.
The cyber impact of crypto is so high-profile that in the U.S., the Securities and Exchange Commission (SEC) recently announced that it has renamed its Cyber Unit to the Crypto Assets and Cyber Unit and will nearly double its staff with 50 dedicated positions. Among the risks being monitored will be crypto assets, exchanges, and DeFi platforms.
In the UK, the government announced a series of measures to make Britain “a global hub for cryptoasset technology and investment.” This includes establishing a Cryptoasset Engagement Group, setting up a ‘financial market infrastructure sandbox’ for firms to experiment and innovate, and others.
Regulators in Europe are also working on a comprehensive set of rules that will not only boost the potential of crypto-assets but also help to curb the threats. To address the risks posed by the anonymity feature of cryptos, the European Parliament agreed to start negotiations with EU countries on rules to allow the tracing and identification of crypto-asset transfers. Earlier this year, it adopted new rules to support the testing of the distributed ledger technology (DLT) in market infrastructures.
What the future of crypto holds remains to be seen – but like any risk, the fundamentals remain the same. Implement strong, active cyber risk management, monitoring, and governance; collaborate with quantitative and qualitative insight across your cyber and business teams; and stay agile to stay ahead of tomorrow’s risks today.