Why all regulated firms should be paying attention to the latest crypto-heist

Although not the first high-profile cryptocurrency hack, the recent theft of $600m worth of cryptocurrency tokens from the cross-chain platform Poly Network certainly ranks highly amongst the most interesting. An anonymous hacker managed to exploit a vulnerability within Poly Network’s system which allowed the individual to steal a wealth of tokens including both Ether and Binance coins. Though details of the hack are still emerging, the hacker did publish a three-page long self-interview style Q&A outlining their motives for the cyber-attack.

Where the story diverges from past heists of this nature however is in the hacker’s commitment to return the stolen funds shortly after stealing them. Claiming to have only been interested in exposing the vulnerabilities to prompt Poly Network to improve its security, the hacker has since initiated the return, earning the name “Mr. White Hat” from Poly Network (a reference to the term “white hat” used to describe ethical hackers).

Despite the peculiarities of this particular crypto-heist, the story provides a timely reminder of the importance for all, and not just crypto, firms to assess their cyber resilience and implement any security updates required to guard against attacks of this nature. As noted in the FCA’s Insights from the Cyber Coordination Groups, cyber security threats are on the rise, and the impending implementation of the FCA’s new operational resilience framework only increases the pressure on regulated firms to bolster their security efforts. It is stories such as these that highlight why operational and cyber resilience remains an ongoing obligation.

Written by Brandon Wong