Why Cybersecurity Is an Important Consideration for Crypto Hedge Fund Launches

The looming threat of an exploit remains a hurdle as traditional asset managers spin up crypto funds.

AccessTimeIconOct 29, 2021 at 3:16 p.m. UTC
Updated May 11, 2023 at 5:46 p.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

More investment managers are trading digital assets as interest in cryptocurrencies continues to grow. AIMA’s Global Crypto Report, released over the summer, showed that around 20% of hedge funds are now investing in the space.

As a fund manager, protecting intellectual property, the complex algorithms, systems and data that allow them to generate returns, is paramount. That is why cybersecurity is an important consideration for both traditional managers moving into the space and newer startup funds.

  • Key Takeaways From Elliptic’s Case Study of Ransomware Attacks
    Key Takeaways From Elliptic’s Case Study of Ransomware Attacks
  • Crypto and Security: Tips to Prevent Hacks for Exchanges to Nations Embracing Bitcoin
    Crypto and Security: Tips to Prevent Hacks for Exchanges to Nations Embracing Bitcoin
  • How to Keep Your Crypto Safe
    How to Keep Your Crypto Safe
  • US State Department Offers to Pay for Cybercrime Tips With Crypto
    US State Department Offers to Pay for Cybercrime Tips With Crypto
  • George Ralph, global managing director of cybersecurity firm RFA, has witnessed a large uptick in crypto clients in the U.K. looking for security and infrastructure solutions.

    Ralph says the three biggest challenges that traditional funds cited when looking at a potential move into the crypto space were “regulatory uncertainty, reputational risk and lack of infrastructure.’’

    Exploits remain common in the digital assets space, especially in the more experimental realm of decentralized finance (DeFi).

    In August, more than $600 million was stolen in one of the biggest crypto heists to date. Hackers were able to exploit a vulnerability in Poly Network, a decentralized finance platform that allows different blockchains to connect to work together.

    In an unexpected twist, the hacker responsible returned a large majority of the stolen funds after experts and businesses said they would track their activity on the blockchain. Mt. Gox, the world’s largest bitcoin exchange at the time, filed for bankruptcy in March 2014 after hackers stole $460 million worth of crypto.

    “Simple and secure storage solutions are urgently needed for the more than 221 million crypto users around the world who are targets for fraud and theft,” according to Jon Wilk, CEO of CompoSecure.

    “More than $8 billion in crypto has been hacked or stolen in 2021 thus far, doubling the previous year, including examples of crypto exchanges being hacked, personal devices being compromised, or usernames and passwords being phished that were part of these growing losses,” Wilk said.

    With regard to crypto fund launches, the key thing in terms of threats is event-driven, there is a huge focus on insider threats, said RFA’s Ralph, and this has been exacerbated by the move to working from home following the COVID-19 outbreak.

    Investors looking to launch funds in the post-COVID era are having to hire people they have never met before; conducting checks on potential new hires is harder in this current paradigm, Ralph said.

    Peter Habermacher, CEO of Aaro Capital, said the “key targets for criminals are usually bank accounts or the assets of a fund. However, leakage of confidential information, intellectual property and personal data can be equally harmful and the issues in this regard can sometimes be internal.”

    But not all that’s new is without precedent.

    “Crypto asset funds are like hedge funds in the 1990s”, said Habermacher. “The market is dominated by startup managers who are operationally weaker than their established counterparts in traditional asset management and, as such, they often do not have the necessary cybersecurity procedures in place to completely satisfy institutional due-diligence processes.”

    More needs to be done on the regulatory side, Habermacher said, to ensure that “crypto service providers such as exchanges and custodians are properly regulated and adhere to minimum security and process standards.”

    Crypto criminals stole $1.9 billion in 2020, according to a report from blockchain sleuthing firm Ciphertrace, down from $4.5 billion in 2019.


    Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

    CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

    Author placeholder image

    Will Canny is CoinDesk's finance reporter.

    Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.