Article Web2 and Web3 Security Trends Update

Priya Kapor wrote a great piece in Entrepreneur India about macro trends in Web 3 Security. It’s a good read. The article discusses trends to watch out for in Web3, crypto, cybersecurity, and rural fintech in 2023.

  • 💡 The year 2022 was challenging for Web3 and the crypto space, but there were some major developments such as the Ethereum upgrade and the introduction of Central Bank Digital Currency (CBDC) and new crypto tax policy by the government.
  • 💡 The year 2023 is expected to see continued development of Web3 infrastructure with a focus on investor education and awareness, transparency, strong ethics, and a favorable regulatory framework to protect investors while encouraging innovation.
  • 💡 Blockchain technology is expected to be the defining aspect of Web 3.0 and decentralized networks are expected to see more adoption, transparency, and use cases in the years to come.
  • 💡 In the rural fintech sector, there were some noteworthy initiatives undertaken by the government including UPI 123 Pay, and launch of 75 Digital Banking Units (DBUs) in 75 districts to address the under-penetration of banking and financial services in the country.
  • 💡 Experts expect more Web3 digital collectibles platforms to partner with the world’s leading sports boards, leagues, and players’ associations in 2023.

 Security vulnerabilities to the left and right persist in the world of Web 2 as well. Forbes reports a steep rise in security:

  • 💻 The introduction of emerging technologies such as AI/ML, 5G, IoT, and quantum computing has significantly impacted everything connected to the internet.
  • 🚨 Cybersecurity challenges arise as AI can amplify social engineering capabilities and help identify target vulnerabilities for hackers.
  • 🔍 As data continues to be produced and stored in greater volumes, and connectivity greatly expands globally on the internet, the attack surface has become more exploitable with gaps and vulnerabilities for criminal and nation-state hackers.
  • 📈 Global cyber-attacks rose by 7% already in Q1 2023 with an average of 1,248 attacks per week per firm and 1 in 31 organizations worldwide experiencing a ransomware attack weekly over the first quarter of 2023.
  • 🦠 Malware statistics show that 560,000 new pieces of malware are detected every day, and there are now more than 1 billion malware programs circulating, with four companies falling victim to ransomware attacks every minute.
  • 🔒 There have been already almost 340 million people affected by publicly-reported data breaches or leaks in 2023 according to a public data breach tracker.
  • 🌐 Global 5G connections are set to reach 1.9B in 2023, and for cybersecurity, that means less latency and faster attacks by threat actors.
  • 🔑 A new report shows that the number of assets organizations manage on average has increased by 133% year-over-year, from 165,000 in 2022 to 393,419 in 2023. The number of security vulnerabilities has grown disproportionately, jumping up 589%.
  • 💻 42% of IT and security professionals have been told to keep breaches confidential and 29.9% of respondents admitted to actually keeping a breach confidential instead of reporting it, according to a survey by cybersecurity vendor Bitdefender, revealing that many organizations are willing to ignore their obligations to report data breaches to regulators and customers in an attempt to avoid legal and financial penalties.
  • 🛡️ Basic cyber-hygiene measures can make companies and individuals less of a target to cybercriminals. These measures include implementing multi-factor authentication, identity and access management, strong password management, protective tools such as firewalls, antivirus, and intrusion detection software, and updating and backing up networks in a timely manner.
  • 🔍 The threats are becoming more sophisticated and capable, so it is important to maintain cyber-awareness and to have an Incident Response Plan to respond to an attack in a timely manner.

Unlike the previous administration under our 45th president, thankfully there are adults in control in Washington, D.C. In March of 2022, the Biden/Harris administration gave clear guidance on cybersecurity to address ongoing and imminent threats posed by Web2 and Web3.

  • 💻 The White House has issued an executive order on the responsible development of digital assets.
  • 💰 The growth in markets for digital assets has led to significant implications for consumers, investors, and businesses in various aspects such as data privacy, financial stability, crime, national security, financial inclusion and equity, and climate change.
  • 🌎 The United States has an interest in responsible financial innovation and reducing the cost of domestic and cross-border funds transfers and payments.
  • 🔍 The principal policy objectives of the United States with respect to digital assets are: to protect consumers, investors, and businesses, to protect the United States and global financial stability and mitigate systemic risk, and to mitigate the illicit finance and national security risks posed by misuse of digital assets.
  • 💰 Digital assets pose significant financial risks to consumers, investors, and businesses if appropriate protections are not in place.
  • 🛡️ Digital asset issuers, exchanges and trading platforms, and intermediaries should be subject to regulatory and supervisory standards that govern traditional market infrastructures and financial firms, in line with the general principle of “same business, same risks, same rules.”
  • 💸 Digital assets may pose significant illicit finance risks, including money laundering, cybercrime and ransomware, narcotics and human trafficking, and terrorism and proliferation financing.
  • 🛡️ The United States must ensure appropriate controls and accountability for current and future digital assets systems to promote high standards for transparency, privacy, and security that counter illicit activities and preserve or enhance the efficacy of our national security tools.
  • 🌎 When digital assets are abused or used in illicit ways, or undermine national security, it is in the national interest to take actions to mitigate these illicit finance and national security risks through regulation.
  • 💰 The Chairman of the Federal Reserve is encouraged to continue research on CBDCs and assess their optimal form, as well as to develop a strategic plan for their implementation and launch.
  • 📝 The Attorney General, in consultation with the Secretary of the Treasury and the Chairman of the Federal Reserve, is to provide an assessment of the legislative changes necessary to issue a US CBDC within 180 days of the order date, and a corresponding legislative proposal within 210 days of the order date.
  • 🔒 It is critical to ensure that digital assets do not pose undue risks to consumers, investors, or businesses, and to put in place protections as a part of efforts to expand access to safe and affordable financial services. Policy recommendations, including potential regulatory and legislative actions, are to be included in a report coordinated through the interagency process.
  • 🤖 The Director of the Office of Science and Technology Policy and the Chief Technology Officer of the US are to submit a technical evaluation of the technological infrastructure and expertise necessary to facilitate the introduction of a CBDC system, including any reflections or recommendations on how the inclusion of digital assets in Federal processes may affect the work of the US Government and the provision of Government services, within 180 days of the order date.
  • 👮 The Attorney General, in consultation with the Secretary of the Treasury and the Secretary of Homeland Security, is to submit a report on the role of law enforcement agencies in detecting, investigating, and prosecuting criminal activity related to digital assets, including any recommendations on regulatory or legislative actions, within 180 days of the order date.
  • 💰 The United States aims to develop digital payment architectures and central bank digital currencies (CBDCs) that will reduce payment inefficiencies while being consistent with US values and legal requirements.
  • 🌎 The United States established the G7 Digital Payments Experts Group to discuss CBDCs, stablecoins, and other digital payment issues, which has issued a set of policy principles for CBDCs that should be grounded in transparency, the rule of law, sound economic governance, and the promotion of competition and innovation.
  • 🤝 The United States supports the G20 roadmap for addressing challenges and frictions with cross-border funds transfers and payments, as well as international work to address the full spectrum of issues and challenges raised by digital assets, including financial stability, consumer, investor, and business risks, and money laundering, terrorist financing, proliferation financing, sanctions evasion, and other illicit activities.
  • 🗣️ The US Administration plans to expand engagement with critical international partners and promote development and implementation of holistic standards, cooperation and coordination, and information sharing while ensuring that core democratic values are respected and consumers, investors, and businesses are protected.
  • 📈 The US Administration will establish a framework for interagency international engagement with foreign counterparts and in international fora to adapt, update, and enhance adoption of global principles and standards for how digital assets are used and transacted, and to promote development of digital asset and CBDC technologies consistent with US values and legal requirements.
  • 🔍 The framework will include specific and prioritized lines of effort and coordinated messaging; interagency engagement and activities with foreign partners, such as foreign assistance and capacity-building efforts and coordination of global compliance; and whole‑of‑government efforts to promote international principles, standards, and best practices.
  • 📊 The US Administration will establish a framework for enhancing US economic competitiveness in and leveraging digital asset technologies.
  • 🕵️ The US Administration will strengthen international law enforcement cooperation for detecting, investigating, and prosecuting criminal activity related to digital assets.
  • 🤖 “Blockchain” refers to distributed ledger technologies where data is shared across a network that creates a digital ledger of verified transactions or information among network participants and the data are typically linked using cryptography to maintain the integrity of the ledger and execute other functions.