While the technical wizardry of hacks often hits the headlines, another quieter threat to crypto firms is lurking much closer to home.
Insiders are responsible for around 22% of security incidents, according to a survey from Verizon, and the financial services industry is the worst affected.
These insider threats range all the way from embezzlement by low-level employees, to colluding middle managers, and star traders thrown off the rails by life shocks such as divorce or drug addiction.
Typical examples include:
Rogue traders
Most famously Nick Leeson, who lost $1.3 billion in unauthorized trades, triggering the collapse of Barings Bank in 1995.
Embezzlement
From minor theft to sophisticated operations like the Equity Funding scandal, in which an insurance company’s management created and insured 60,000 fake people.
Collusion
Either between insiders, as in the case of South Africa’s Postbank when employees copied the master encryption key to steal millions from the bank’s account balances. Or by assisting outsiders, like when a Coutts employee sold personal client details to scammers for £1.2m.
As these episodes illustrate, failing to have adequate controls and oversight can cause significant damage in the traditional financial industry. But in the crypto market, where all the power of asset ownership is conferred by a single string of code, not having such protections can be fatal.
Cybersecurity is first and foremost a people problem (Image from J. Klossner)
Simply holding the private key gives anyone the ability to funnel all the funds out of a crypto wallet. Furthermore, digital asset transactions are irreversible — so you can't simply roll back the blockchain to recover the funds!
As such, despite the entire crypto market cap being barely a drop in the ocean compared to traditional finance, malicious insiders have managed to cause enormous losses in just a few years.
Many of these losses are thought to have been swept under the rug or pinned on innocent outsiders. But others have hit headlines when they were exposed as inside jobs:
Virgil Sigma Capital (2021)
In one of the most dramatic examples, the founder of $90 million fund Virgil Sigma drained almost all of the assets to pay for his lavish lifestyle.
Coinsecure (2018)
Indian exchange Coinsecure lost $3.5 million when the Chief Security Officer allegedly failed to distribute proceeds from the Bitcoin Gold fork to customers.
QuadrigaCX (2018)
Crypto investors were left short of $190 million when the CEO of Canadian exchange QuadrigaCX mysteriously died in India, taking the private keys to customer assets with him.
Such sticky situations are symptomatic of lax internal controls and poor operational security. They also often involve custodial infrastructure designed for individuals that has been repurposed for organizational use. For example, trusted employees might be given unsupervised access to cold storage devices such as Ledger wallets that hold the keys to corporate cryptoassets. Or, the crypto wallets may be shared between team members who flip coins to see who takes the crypto wallet home each night for safe-keeping.
At the next highest level of sophistication, many institutional-grade custody solutions provide much-needed governance tools, but they still require trusted third parties to hold keys or key shards. This minimizes the potential of internal threats, but it leaves the organization exposed to the possibility of custodian corruption, or collusion between centralized services holding sensitive key material, such as cloud storage providers.
Qredo maximizes operational security by enabling organizations to take full control of assets in-house, and introduce their own oversight and controls without the need for trusted third parties:
Vulnerable private keys are replaced with a flexible governance layer, underpinned by decentralized Multi-Party Computation (dMPC).
Governance can be tailored to fit team requirements, with controls and oversight permissions assignable to different roles in the organization — from traders, to approvers, administrators and more.
And unlike multisig, the governance provided by decentralized MPC is operationally flexible; signing thresholds can easily be changed and permissions altered as the organization evolves.
Each custodial action is stamped immutably into the Qredo blockchain, providing assurance that transaction approval records can't be altered. Plus, the logs can be quickly exported for auditing — minimizing the possibility that suspicious transactions go unnoticed.
As we move into the post-covid era of remote-first work, people are hiring team members that they’ve never met before with due-diligence checks often only an afterthought. This makes having adequate institutional controls more important than ever. Not only to guard against malicious insiders, but also — as will be covered in the next installment of #QredoFixesThis — to protect against negligence and human error.