FBI warns of cybersecurity concerns on DeFi platforms – Financial Services
To print this article, all you need to do is be registered or log in to Mondaq.com.
Decentralized financial platforms (DeFi) are designed to operate in a decentralized manner primarily through the use of smart contracts. Smart contracts are simply a name given to small “if/then” statements written in computer code that automatically execute. Smart contracts are used throughout the cryptocurrency and blockchain space, are an integral part of non-fungible tokens (NFTs), and can allow things to happen automatically, without human intervention. For example, a smart contract could be coded such that payment for an item could be released upon receipt of a shipment, so if the shipment is received, then the payment is released.
In the case of DeFi platforms, coded smart contracts enable trading in cryptocurrency, stocks, and ETFs; the funds to be transferred between the parties; and even loans to make that are secured by cryptocurrencies or other investments. These smart contracts interact with the blockchain, but in most cases are not written on the blockchain, which means that the smart contracts do not benefit from the encryption protection of the blockchain, and are simply computer code that can be manipulated and hacked like any other computer code, if not properly secured by the DeFi platform. The FBIs August 29, 2022 PSAwarns the public (that’s to say, investors) on these smart contract vulnerabilities on DeFi platforms. The PSA reports that in just three months of 2022, “cybercriminals stole $1.3 billion in cryptocurrencies, with nearly 97% stolen from DeFi platforms.”
The FBI recommends that investors seek advice from a licensed financial advisor, but to the extent that DeFi platforms will be used, investors should research the DeFi platforms they are using and ensure that the platform has carried out extensive security audits that include a “code audit” and should be mindful, in particular, of “DeFi investment pools with extremely limited timeframes”. Companies that provide DeFi platforms are urged to strengthen their cybersecurity compliance, conduct a code audit, and develop a robust incident response plan.
The content of this article is intended to provide a general guide on the subject. Specialist advice should be sought regarding your particular situation.
POPULAR ARTICLES ON: Finance and Banking of the United States