Leading blockchain analytics firm Chainalysis will provide fraud detection support to white-hat hackers at Web3 security company Halborn. Together, the companies plan to develop a state-of-the-art safety protocol for the Web3 space.
"Halborn is excited to announce a strategic partnership with data platform Chainalysis to enhance their safety offering for Chainalysis and Halborn's enterprise and native Web3 clients," Halborn CEO Rob Behnke announced yesterday in a blog post about the collaboration.
Read also: Cryptocurrency laundering at peak in 2022 with growing use of DeFi
Behnke outlined the steps Halborn and Chainalysis are taking to offer "the best-in-class protocol safety to help equip Web3 companies at any stage to prevent and respond to security threats that have plagued the industry."
According to the post, Chainalysis will focus on investigative tools that can be used to recover stolen cryptocurrency, while Halborn will leverage its expertise in smart contract auditing and preventative security.
The protocol development process is divided into seven phases. The first five will be conducted by Halborn, which will handle the initial assessment of the project, design security services, audit smart contracts, and perform penetration testing (also called pen testing, which involves simulating a cyberattack to assess the level of security of the system). Halborn will also be involved in the post-deployment phase.
Meanwhile, Chainalysis will work on fraud prevention and ongoing monitoring.
Scott Gralnick, Halborn's director of channel partnerships, told Blockworks in an interview Tuesday that the goal of the cross-company collaboration is to address growing security issues affecting the digital asset ecosystem. "The key takeaway is that we're trying to keep the ecosystem safe, and you can't do anything on your own, If you want to go fast, go alone. If you want to go far, go together," Gralnick said in the interview.
While Gralnick believes the ecosystem is currently going through a phase similar to the post-ICO boom in 2019, with a temporary decline in scam activities, Chainalysis reported that last year was the largest for crypto hacking in the entire history of the industry. According to Chainalysis data, $3.8 billion was stolen from cryptocurrency businesses, which was half a billion dollars more than in 2021 and nearly six times more than in 2020 when total stolen funds were only $500 million. DeFi protocols were the greatest victims of cyberattacks, accounting for 82.1% of all entities targeted by hackers.
Halborn COO David Schwed commented on these statistics in the same Chainalysis report. He believes that the high vulnerability of DeFi protocols is the direct result of companies being too focused on the growth and scalability of solutions, which is often not accompanied by an adequate increase in cybersecurity measures. "The DeFi community generally isn't demanding better security - they want to go to protocols with high yields. But those incentives lead to trouble down the road," Schwed told Chainalysis.
He also shared with the blockchain analytics firm his expert opinion on the security measures that can be taken by companies specializing in DeFi solutions. As per Schwed, DeFi protocols can take advantage of some of the best practices adopted by centralized banking institutions.
He emphasized the importance of regular pen testing to assess protocol resilience to cyberattacks, as well as the use of automated processes that pause protocols after detecting suspicious activity without human supervision. Schwed also strongly recommended leveraging the transparency of cryptocurrencies. He cited the Ethereum blockchain as an example, as it allows users to view transactions in the mempool before they are confirmed in the blockchain.
Read also: Crypto fraud revenue down 46% but romance scams are on the rise: Chainalysis 2022 report
As for the size of an average cybersecurity team for a DeFi project, Schwed is convinced it should include at least ten specialists from different disciplines.
Meanwhile, Chainalysis is hosting the final day of Links 2023 in New York, a two-day annual conference on the evolution of the cryptocurrency ecosystem. This year, the event was attended by leaders of some of the top companies operating in the Web3 space, including Shiva Rajaraman, a chief business officer at OpenSea, WIRED's senior writer Andy Greenberg, Tigran Gambaryan, a head of Financial Crime Compliance at Binance, Philip Martin, a chief security officer at Coinbase, Michael Bouhanna, a head of Digital Art and NFTs at Sotheby's and others.
Law enforcement representatives, Santa Clara County criminal investigator Dave Berry and Thomas Galati, chief of Intelligence and Counterterrorism for the New York City Police Department, also attended the conference.