2018: A Record-Breaking Year for Crypto Exchange Hacks

The CEO of one of the largest crypto security companies recaps his takeaways from the year that was.

AccessTimeIconDec 29, 2018 at 9:55 p.m. UTC
Updated Sep 13, 2021 at 8:43 a.m. UTC
AccessTimeIconDec 29, 2018 at 9:55 p.m. UTCUpdated Sep 13, 2021 at 8:43 a.m. UTC
AccessTimeIconDec 29, 2018 at 9:55 p.m. UTCUpdated Sep 13, 2021 at 8:43 a.m. UTC

Eric Larcheveque is the CEO of Ledger, a leader in security and infrastructure solutions for cryptocurrencies and blockchain applications since 2014.

The following is an exclusive contribution to CoinDesk’s 2018 Year in Review. 

2018 year in review
2018 year in review

2018 was a record-breaking year.

From the number of cryptocurrency exchange hacks, to the amount of assets that were stolen, to the largest exchange hack of all-time, crypto set a lot of records. Too bad they're not the kind of records crypto innovators will be boasting about next year.

Although cryptocurrency continues to become more mainstream, this goes to show awareness around how dangerous it is to keep your crypto on exchanges doesn’t seem to be keeping pace.

screen-shot-2018-12-29-at-4-51-41-pm

It has been a very volatile 12 months for cryptocurrency markets, and as the value increased earlier in the year, so did the number of new investors. With these new investors came an increased interest from hackers, and because the markets grew so quickly, exchanges didn’t have the time or resources to build resilient security solutions.

Key Lessons for 2019

  1. Exchanges suffer from systemic risk – By having to secure billions of dollars in deposit, they are a magnet for hackers. It is much less risky and much more profitable to hack an exchange rather than a bank vault. Exchanges are usually fintechs first and not cyber security companies. They have demonstrated in the past that their security culture and awareness wasn’t always up the the level of the assets they've had to secure.
  2. Hacks are becoming more sophisticated – As cryptocurrency becomes more mainstream, so do its hackers. With so much value at stake, more hackers have dedicated their time to stealing from these exchanges. 2018 saw hackers deploy state-of-the-art attacks, such as social engineering, where they stole identities and pretended to be other people to successfully steal investor’s crypto assets. To combat the smartest hackers in the world, crypto asset owners need the most sophisticated security technology available.
  3. Each day $2.7 million is stolen from exchanges – The amount of stolen cryptocurrency from exchanges in 2018 has increased 13 times compared to last year. This amounts to $2.7 million in crypto assets being stolen every day, or $1,860 each minute.
  4. With a record number of hacks in 2018, the need for security is clearer than ever before – As we look to 2019, we can expect more enterprise security solutions to come to market. In addition to more money being invested in security, 2019 will see individual investors become more aware of the need to protect their critical digital assets. With increased digitalization, individual data and security will only increase in importance.

Solutions for Today

Exchanges are prone to hacks, because they centralize the risk and must keep part of their private keys online to allow real-time withdrawals. Moreover, crypto investor credentials on exchanges are also a massive security threats.

If your email gets compromised, you can usually kiss any crypto wallets you have on exchanges goodbye. Ensuring the security of your crypto assets yourself, through the use hardware wallets gives you the highest protection level.

Hardware wallets empower you with the ownership and control of your crypto assets. But with great powers comes great responsibilities: being your own bank is certainly not trivial and requires discipline. Using a hardware wallet doesn't make you invincible against social engineering, physical threats or human error.

Use common sense, and apply basic security principles.

  • Don’t use a cryptocurrency exchange for long-term storage.
  • If you do, use two-factor authentication, preferably one that is not limited to devices connected to the internet.
  • For your hardware wallet, choose a PIN code that you can remember, but is secure and not easy to guess.
  • Keep your 24-word recovery sheet well secured and never enter it on any device that is connected to the internet.
  • Only trust what you can see on your hardware wallet screen. Verify your reception address and payment information on device.
  • Always treat with caution information shown on your computer or smartphone screen. Assume software can get compromised anytime.

Crypto hackers are getting more sophisticated, but by following these rules and storing your cryptocurrency on a hardware wallet, you will ensure your assets stay protected.

Have an opinionated take on 2018? CoinDesk is seeking submissions for our 2018 in Review. Email news [at] coindesk.com to learn how to get involved. 

Bank vault via Shutterstock


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.


Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.