In 2022: $1B in Crypto Blockchain Bridge Heists, Growing National Security Concerns and the Secure Blockchain Initiative

In OODA CEO Matt Devost’s annual OODA Almanac posting for 2022 – OODA Almanac 2022 – Exponential Disruption – one of his strategic forecasts was concerned with the future of Web3 and crypto:

“Many Web3 and cryptocurrency initiatives will encounter consequential cybersecurity issues in 2022 that will impact public adoption and invite increased regulatory pressure. While Bitcoin, Ethereum, and other technologies allow for true decentralization, there is a middleware ecosystem emerging in the form of marketplaces and exchanges that are based on Web2 technologies that are being deployed without proper consideration for cybersecurity best practices.  These are areas where traditional cybersecurity practitioners and specialized red teaming can help but are rarely being engaged.”

In a February post, Matt also extended this analysis to Bitcoin and national security risks – including the impact on the U.S. dollar as the global reserve currency, the lack of tracking granularity, the ongoing use of bitcoin in ransomware and consumer fraud,  the lack of fiduciary/legal liability, and the risk posed by overregulation of the space in the U.S.

Cybersecurity and the Blockchain

Matt’s forecasts and national security concerns have only been further distilled and validated by the role crypto is playing in the current conflict in Ukraine – with the EU targeting crypto wallets in the latest round of Russia sanctions and the U.S. imposing sanctions on the Russian darknet market and crypto exchanges.  According to reporting by Reuters, the U.S. Treasury Department “has also reached out to cryptocurrency companies about their cybersecurity controls amid concerns that Russia could wage retaliatory cyber attacks in response to Western sanctions…In a sign U.S. regulators see the ballooning cryptocurrency industry as a growing source of systemic risk, U.S. Treasury officials have also been in discussions with cryptocurrency exchanges and trade groups to ensure U.S. digital assets are safe.” (1)

Like our broad research and analysis efforts in Q3 2021 and Q4 2021 regarding dis- and misinformation and cognitive infrastructure, this year we embark on what academia calls a “literature review” on the topic of crypto and blockchain security initiatives which, in the case of OODA Loop, begins with tracking down the best-in-class research efforts and subject matter experts to explore how they are “framing and naming” the formative core issues surrounding the topic. The research area is nascent and shows great promise – but there is some heavy lifting in the early stages in order to wrap our brains around the challenges ahead.

Based on the recent release of our Web3 Cyber Incident Database, the 2022 OODA Loop research agenda will be prioritizing the tracking and analysis of efforts to address cybersecurity initiatives specific to the blockchain, crypto, and DeFi.  Blockchain in particular shows great promise for the future of identification and security protocols.  For now, however (and consistent with Matt’s analysis),  what trumps the potential cybersecurity applications of the blockchain is the conventional wisdom that the entire crypto ecosystem has serious middleware challenges – and growing direct security vulnerabilities in the blockchain design and architecture itself.

Blockchain Bridge Hacks: The Ronin Network ($618M), WonderHero ($320K), and Wormhole ($324M)

 

Two cryptocurrency “play to earn” sites based on the blockchain were recently hacked:

  • The Mammoth $618 million Hack of the Ronin Network: “The Ronin Network announced on Tuesday that hackers have stolen more than $600 million worth of Ethereum (173,600 ETH) and $25.5 million of US dollar-pegged stablecoin USDC, making it one of the largest decentralized finance (DeFi) hacks to date.   The company, which is tied to the popular blockchain game Axie Infinity, said in a Substack post that they suffered a security breach on March 23. Sky Mavis, a blockchain gaming company, built and controls the Axie Infinity game;” (2) and
  • The Hack over at WonderHero:  “One of many popular games where players earn revenue in cryptocurrencies and NFTs through gameplay [aka “an NFT-based crypto Pokemon-like gaming platform“].  WonderHero currently has about 11,000 active users. The service was disabled after hackers stole approximately $320,000 worth of Binance Coin (BNB).  In a statement, the company explained that the attack was on their cross-chain bridging withdrawal:   A cross-chain bridge – also known as a blockchain bridge – allows people to transfer tokens, assets, smart contract instructions, and data between blockchains. They have become a ripe target for hackers in recent months and exploits in bridges have led to millions of dollars in losses.  The attack caused the price of WonderHero’s own coin, WND, to plummet more than 90%.” (3)

The $324 million Wormhole blockchain hack (back in February) is also worth exploring. The core design principle behind the blockchain is distributed trust – based on a distributed ledger, inclusive of encrypted anonymity – and the market to date has assumed that strong cybersecurity and protection against hacking activity were implicitly built into the design of the blockchain architecture. This assumption is what makes the Wormhole, Ronin Network and WonderHero blockchain hacks, in particular, really troubling. Brandon Vigliarolo over at the Tech Republic does a great job of breaking down the Wormhole blockchain hack:

“Those following the tech world have probably heard about the recent hack of blockchain bridging service Wormhole that has amounted to the fourth-largest crypto theft, and second-largest De-Fi theft, ever. The attacker who found the exploit created 120,000 Ethereum out of nothing and made off with about $324 million of it.  For background, Wormhole is a service that lets users exchange cryptocurrencies across blockchains, sort of like swapping one fiat currency for another. In this particular case, the attacker exploited Wormhole in such a way that they were able to trick it into minting 120,000 wrapped ethereum (wETH, a 1:1 value equivalent token that represents ethereum) on the Solana blockchain, most of which the attacker then moved to the ethereum blockchain.  Unfortunately for Wormhole, all of that exploit-created wETH had to steal value from somewhere, and it came from Wormhole’s store of Ethereum that lets it back all the wETH on its network.” (1)
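The 1:1 backing that the quoted passages describe for bridged tokens can be monitored as an invariant: every wrapped-token mint should correspond to exactly one locked deposit, and wrapped supply should never exceed locked collateral. The Python below is an added example, not code from Wormhole, Ronin, WonderHero or the quoted articles; the event fields (`transfer_id`, `amount`) and the sample events are constructed for illustration, and burns and redemptions are not modelled.

```python
from decimal import Decimal

# Constructed sample events (not real chain data). LOCKS are deposits held by
# the bridge on the source chain; MINTS are wrapped tokens issued on the
# destination chain. Field names are assumptions for this example.
LOCKS = [
    {"transfer_id": "t1", "amount": Decimal("10")},
    {"transfer_id": "t2", "amount": Decimal("5")},
]
MINTS = [
    {"transfer_id": "t1", "amount": Decimal("10")},
    {"transfer_id": "t2", "amount": Decimal("5")},
    {"transfer_id": "t9", "amount": Decimal("120000")},  # no matching lock
    {"transfer_id": "t1", "amount": Decimal("10")},      # same lock used twice
]


def reconcile(locks, mints):
    """Match every mint to exactly one lock and check the 1:1 backing."""
    locked = {e["transfer_id"]: e["amount"] for e in locks}
    seen, alerts = set(), []
    supply = Decimal(0)
    for m in mints:
        tid, amt = m["transfer_id"], m["amount"]
        supply += amt  # the token exists on-chain whether or not it is backed
        if tid not in locked:
            alerts.append(("unbacked_mint", tid, amt))
        elif tid in seen:
            alerts.append(("duplicate_mint", tid, amt))
        elif amt != locked[tid]:
            alerts.append(("amount_mismatch", tid, amt))
        seen.add(tid)
    collateral = sum(locked.values(), Decimal(0))
    return {
        "alerts": alerts,
        "wrapped_supply": supply,
        "locked_collateral": collateral,
        "shortfall": max(supply - collateral, Decimal(0)),
    }


if __name__ == "__main__":
    report = reconcile(LOCKS, MINTS)
    for kind, tid, amt in report["alerts"]:
        print(f"ALERT {kind}: transfer {tid} minted {amt}")
    print("shortfall:", report["shortfall"])
```

A non-zero shortfall means wrapped tokens are in circulation without collateral behind them, which is the condition the quoted article describes as value being taken from the bridge's store of Ethereum.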

Carnegie Mellon University’s Security and Privacy Institute (CyLab) Launches The Secure Blockchain Initiative

The website for the initiative captures the current moment surrounding blockchain security research:

Since the release of the Bitcoin white paper at the end of October 2008, blockchain, or what is more broadly referred to as Distributed Ledger Technology (DLT), has evolved from a niche interest on the internet to be an embodiment of tech-hype cycles to an area of fundamental research.

CyLab is launching a multi-year, interdisciplinary research program called the CMU Secure Blockchain Initiative (Blockchain@CyLab), which will rethink blockchain across enterprise ecosystems to address challenges in: consensus mechanisms and scalability; cryptocurrencies and markets; cryptography; formal verification; and regulation, policy, and governance. Despite the advances that have been taking place, there are still a lot of open research questions to ensure that protocols and applications are ready to interact with more individuals. Especially as the industry sees more activity in terms of consumer applications such as those seen in decentralized finance (DeFi), ensuring the fundamental research elements of the technology, especially from a security, privacy, ethics, and societal impact perspective, is of utmost importance.

Blockchain@CyLab intends to develop a suite of novel foundations and technologies that address the above challenges, and re-imagine blockchains along the following three key thrusts:

Cryptography, consensus, and verification:  While the blockchain industry is advancing, core concerns around cryptography, consensus, formal verification, and other theoretical research questions persist.

  • Observation: Fundamental research concerns persist as more protocols vie for becoming the standard for certain use cases.
  • Consequence: Research focused on core concepts such as consensus and cryptography is needed to ensure network security.
  • Initiative objective: A blockchain stack for both public and private environments that is secure and resilient.

Applications and implementations:  The development and implementation of specific applications utilizing existing blockchains.

  • Observation: Many blockchain applications still struggle with questions pertaining to design, incentive mechanisms, custom programming languages, governance, and regulation.
  • Consequence: Support is needed both in terms of industry-specific applications (e.g. DeFi, financial inclusion), as well as in terms of advancing some shared technical challenges.
  • Initiative objective: Provide insights around the application and implementation level challenges.

Cryptocurrencies:  Cryptocurrency-related markets and analysis, ranging from cryptocurrency use, analysis of dark web markets, and cryptocurrency trading to regulation.

  • Observation: There has been a lot of overall activity in cryptocurrency markets, including more institutional dollars flowing in, while the underlying activities remain unnecessarily opaque.
  • Consequence: Hacks at cryptocurrency exchanges highlight the importance of better understanding trade activity and related security.
  • Initiative objective: Provide insights and analysis on market and industry-level activities, including potential paths for policy and regulation.

Private-sector company sponsors include Ripple, the Agroland Foundation and Crypto.com.

Research by the CyLab will also inform upcoming OODA Loop research and analysis on the topics of Digital Sovereignty, Digital Rights, Digital Identity and Personal Data Ownership, as members of the lab have already contributed to the public policy debate on the issues.

Further Resources:

What Will The Federal Government Do In Response To The Rise of Cryptocurrencies?

What CEOs Need To Know About Bitcoin: Including potential new business models to consider

Web3 Cyber Incident Database

Global Crypto and Digital Currency Initiatives: China

Project Hamilton: The Federal Reserve Bank of Boston and The MIT Digital Currency Initiative

Global Crypto and Digital Currency Initiatives: El Salvador, Panama, and Ukraine

Global Crypto and Digital Currency Initiatives: India, Argentina, and Russia

Is Bitcoin a National Security Risk?

About the Author

Daniel Pereira

Daniel Pereira is research director at OODA. He is a foresight strategist, creative technologist, and an information communication technology (ICT) and digital media researcher with 20+ years of experience directing public/private partnerships and strategic innovation initiatives.