The Bybit hack sent shockwaves through the global digital finance community shining a spotlight again on central crypto exchange security. The $1.4 billion ETH heist is the biggest crypto theft of all time, architected by the North Korean Lazarus Group, and appears to be the biggest theft of any kind in history.
The hack comes swiftly on the back of the crypto industry celebrating the newly installed Trump presidency and the administration’s commitment to making America the crypto capital of the world with a new Executive Order ‘Strengthening American Leadership In Digital Financial Technology’ Executive Order, a deluge of new appointments, and talk of a strategic bitcoin reserve.
The hack is likely to dent consumer confidence in crypto and will raise further questions by policymakers keen to put the brakes on digital finance technologies. The Bybit hack continues a trend which saw $2.36 billion lost in 2024 across 760 security incidents from Web3 projects according to a CertiK’s Hack3d report.
What is important for citizens, businesses, policymakers and regulators to understand, is the Bybit hack was the result of human error, and has nothing to do with crypto or blockchain technology per se – just like the FTX bankruptcy was the result of human fraud, and not weaknesses of new digital technologies.
Bybit was breached by a sophisticated phishing hack, deceiving the human signing officers who all needed to authorize the fraudulent transfer of cryptocurrency from Bybit’s digital wallet to the Lazarus Group’s digital wallet, though a function known as “multisig wallets” for their requirements for multiple signatures to enable a transaction.
This was achieved by “UI spoofing”, replacing the regular Bybit user interface with a false and clearly thoroughly convincing fraudulent user interface that fooled the Bybit signatories who believed they were authorizing a “business as usual” transfer of cryptocurrency. This type of human hack demonstrates the risk of centralized security on the web, now and into the future.
The bad news is that centralized platforms and their security systems rely on human trust which makes them more predictable and lucrative targets for cybercriminals as they are single points of failure and access for cybercriminals to technology platforms and ecosystems.
The good news for the Web3 digital assets community is that Decentralized Physical Infrastructure Networks (DePINs) are vastly improved solutions to centralized cybersecurity threats by distributing trust and validation and look to be a major growth area for the digital finance sector in Web3.
DePINs are transforming a range of industries reliant on the centralised governance and management of physical infrastructure. Currently valued at $29 billion with a daily trading volume averaging $2.18 billion, DePINs are already relatively well-established and their growth potential, like bitcoin price predictions, are bullish.
In its Digital Assets report, asset manager Franklin Templeton makes the bold prediction that the year ahead will see a significant shift in the crypto sector away from focusing on trading to developing real-world applications. The market as a whole, quite apart from coins, will grow significantly driven by utilities and digital assets, Franklin Templeton believes, will become a vital part of global finance and operations.
David Carvalho, founder and ceo of Naoris Protocol, a leader in post-quantum decentralized security, believes DePIN could have prevented the Bybit hack, stating, “No system is infallible, but decentralized validator nodes in DePINs automatically detect abnormal user behaviours or compromised devices and isolate threats immediately while continuously verifying transaction interfaces against cryptographically secure, on-chain versions.
“The distributed code attestation at DePINs ensures only verified smart contracts execute which stops unauthorized transactions and hackers.”
DePINs Opportunities And Challenges
In its State of DePIN 2024 report, crypto analytics and research firm Messari estimates that 13 million devices globally contribute to DePINs every day and 20 DePIN projects have 100,000-plus active nodes with five having more than a million.
The report estimates that the addressable market for DePIN is $2.2 trillion and could reach $3.5 trillion by 2028 but that currently DePIN projects only account for less than 0.1 percent of those addressable markets.
Growth forecasts for the next decade for the sector range from 100x to 1,000x and whilst a significant gap is a good indicator that there is substantive growing investment interest in the DePIN sector.
Research for crypto exchange Bitrue estimates more than $246 million was invested by venture capital firms in 70 DePIN projects last year. One firm, Borderless Capital, has invested in 17 projects valued at $8.9 billion.
Helium, one of the best-known DePIN in action projects, is estimated to have attracted $1 billion in investment for its decentralized wireless network that provides connectivity for Internet of Things devices. The decentralised infrastructure reduces the need for major telecom investments.
The investment universe for DePIN goes beyond venture capital firms. Crypto hedge funds including EV3 Liquids, Modular and Pantera have invested directly in projects. Messari’s report concludes that “DePIN is an inevitable global movement” a rather strong analyst prediction.
Some analysts argue that the development of quantum computing will be a problem for virtually all digital systems. The cryptographic encryption protocols will need to be upgraded as will any system using encryption.
Policy and regulation of DePIN is currently pretty thin on the ground, and Aaron Basi, head of product at IoTeX says, “Developing a robust regulatory framework for DePIN is essential to unlocking its potential as a transformative force in technology and infrastructure. Regulators must embrace a nuanced approach that addresses the complexities of DePIN’s hybrid nature.”
The technology behind DePIN needs to be robust, but most importantly, real world users have to adopt the DePIN technology.
The Web3 Opportunity For DePIN
The development of Web3 focuses on solutions that aim to decentralize systems and give power to individuals. It has yet to hit the mainstream but the potential to support DePIN is there.
Alireza Ghods, the ceo and co-founder of NATIX, says, “The journey to mainstream adoption for DePIN and Web3 is not about flashy technology or complex innovations that only a select few can understand. It’s about taking what already exists – whether that’s smartphones, user habits, or everyday problems – and making it better, more accessible and more valuable through the power of crypto and decentralization.”
New research with developers in the U.S., U.K., European Union, and APAC by Naoris Protocol found 95 percent saying they have seen a rise in malware attacks over the past two years while 85 percent report an increase in phishing attacks, 85 percent a rise in DDos attacks and 81 percent an increase in ransomware incidents.
Developers expect the average cost of data breaches to hit $5.3 million within five years. Almost all believe the cost will keep increasing.
While being concerned about data breaches and cyber attacks the developers questioned also concede that the increased use of AI and the Metaverse will be a contributor to the rise in costs. They also agree that quantum computing poses a major risk and that Web3 developments themselves are a risk.
81 percent believe they have a good understanding of the new and enhanced risks Web3 faces from cyber attacks and they all agree that DePIN will be important for cyber security. 71 percent believe it will help cut costs and 30 percent say that the cyber security issue will be the biggest driver of DePIN adoption.
Carvalho comments, “Centralized security models are obsolete. By enabling continuous, decentralized security validation, DePINs eliminate single points of failure, significantly reducing risk and restoring trust in the digital world. DePINs not only reduce reliance on centralized entities but also foster community participation, creating new economic incentives for contributors. As quantum computing threats emerge, DePINs will play a crucial role in addressing cybersecurity challenges.”
The Real World View On DePIN
Naoris Protocol’s research also shows there is growing evidence of real world applications as predicted by Franklin Templeton. Naoris interviewed IT directors at companies with annual turnovers of $300 million or more based in the U.S., U.K., European Union, and APAC and found high levels of concern about cybercrime.
Almost half expect the global cost will exceed $15 trillion by 2030 and report rising numbers of incidents. 79 percent have seen increases in malware attacks and 75 percent report more phishing with 68 percent seeing more ransomware and the same number a rise in DDoS.
97 percent are expecting bigger budgets to cope with cyber crime. Part of that is down to what are perceived as growing threats from the use of AI and machine learning by hackers coming increasingly prevalent.
The enhanced cyber attack risks of Web3 are a further issue identified by the study. The real world case is highlighted by the fact that they regard having a Web3 strategy in place as important with 58 percent regarding it as very important.
The real world case is further strengthened by how IT directors plan to address cyber risks. 73 percent say DePIN is extremely important to future cyber security strategy.
The emphasis on the role of DePIN in cyber security is a case that is recognised by IT directors. 96 percent say their organisation is involved in DePIN projects now. All expect growth in the number of new DePIN projects they and their company are involved in with 31 percent predicting growth of 50 percent or more in the next two years.
DePIN is building momentum and recognition as it moves into the real world and helps to address real world issues. The U.S. election has turned the spotlight on digital finance innovation using blockchain and crypto. The year ahead will help widen the spotlight to DePIN technology and help to further drive its growth.
Read the full article here
