Despite the bear market, cybercriminals stole nearly $4 billion in cryptocurrency in 2022, according to a report by analytics firm Chainalysis. This is the highest annual total ever recorded for crypto hacks.
Former Department of Justice special agent Lilita Infante’s crypto crime-fighting startup CAT Labs today unveiled a programme to fight hacking, with support from companies like the digital asset custody provider Fireblocks.
According to Infante in an interview with Fortune, the effort was created as a result of the large number of calls she received from investors and insurance businesses asking how to reduce cybersecurity risk, which made it difficult for them to collaborate with cryptocurrency enterprises. Due to CAT Labs’ emphasis on digital asset recovery, it frequently interacts with businesses that have suffered financial losses as a result of cyberattacks.
For businesses looking for finance and insurance, cybersecurity certifications like SOC and ISO standards offer assurance that the enterprises have at least a basic level of cybersecurity protections in place. Nevertheless, Infante came to the realisation that the widely accepted certificates were insufficient for the crypto business, where a large number of hacks originate from flaws that the accepted certifications do not cover, such as the handling of private keys and the need for multifactor authentication when signing transactions.
The CryptoCurrency Certification Consortium, or C4, does have a more specialised standard called CCSS, and both the cybersecurity company Halborn and the consulting behemoth Deloitte have been certified to use it. The crypto sector, however, has only just begun to accept the standard.
“People have dollar signs in their eyes during the bull market,” Infante claimed, saying that investors did not push for potential portfolio businesses to embrace the standard when funding and term sheets were flowing. We’re beginning to sit down and consider what the major difficulties are that this sector is facing now that things have somewhat calmed down.
Although common sources of crypto hacks, including code flaws and protocol attacks, may not be covered by the CCSS standard, managing private keys would help reduce risks. Infante stated that she is working with C4 to advance cybersecurity standards in the hopes that they will help CCSS establish itself as the “gold standard” for the sector, which will in turn entice greater participation from venture capital firms and insurance companies that are scared of cyberattacks. Additionally, it would appease authorities like the Commodity Futures Trading Commission, which has started to focus on the cybersecurity dangers associated with cryptocurrency firms.
In a statement provided to Fortune, Michael Shaulov, CEO of Fireblocks, claimed that initiatives like these will “solidify the security infrastructure required for digital asset custodians, crypto hedge funds, and other businesses in our industry.”