Cyberattacks in the startup and cryptocurrency space

The landscape of cybercrime is evolving.

The influence of new innovative tech solutions, digital channels and automation is having hugely disruptive implications on the way cyberattacks are taking place, as well as how companies and individuals protect themselves against cyber criminals.

Startups and cryptocurrency often fade into the background when discussing cyberattacks, however, they are arguably two of the most vulnerable parties today and the implications of an attack can be monumental.   

The importance of cybersecurity for startups

Tech startups are arguably one of the most vulnerable parties when it comes to cybercrime.

Whilst the entrepreneurial spirit is racing to get the business to market as quickly as possible, cybersecurity is often left trailing behind, being perceived as a business blocker rather than enabler.

Conversely, just like the breaks in a car help the driver to go faster and safer, good cybersecurity practices give startups a business edge and can help avoid pitfalls, including scenarios where the business may literally drive off a cliff if impacted by a major cyber incident.

Startup’s small workforce, reliance on third party suppliers, lack of resources and the multiple roles each employee often holds means cybersecurity can slip under the radar and be hard to manage, making them an easy target for attackers.

In EY’s recent Global Information Security Survey, 40% of technology, media and entertainment and telecoms (TMT) organisations recently identified employees, either through lack of awareness of via malicious attacks, as the most likely source of a cyberattack.

Additionally with many startups operating in shared workplaces, it not only increases their vulnerability, but if a cyberattack does take place, it can make it very difficult to identify the source of the attack.

It is paramount that startups are agile and quick to market, however, the legal, operational and financial consequences of a cyber breach can significantly impact their ability to succeed. Good cybersecurity and privacy practices will be a disruptor for many startups.

Cryptocurrency and cybercrime

Cryptocurrency is often misconceived as safe from cybercrime because of the underlying blockchain technology underpinning it.

However, cybercriminals are highly attracted to cryptocurrencies given their anonymous nature, underlying value and ability to be stolen easily compared to other forms of assets. Cryptocurrency is still being attacked on the fringes of the blockchain and it is usually individuals or exchanges that are a cybercriminal’s first port of call.

Therefore, it is paramount that within the crypto space individuals get the basics right and understand the importance of securing their own computers, devices and personal wallets.

It’s advisable to ensure there are multiple layers in place to stop a cyberattack or at least limit its exposure. These include the use of hardware and cold wallets, enforcing two-factor authentication, increased alerting and monitoring to ensure early detection (e.g. on exchange transactions), general vigilance and using separate devices to access your cryptocurrency from day-to-day tasks.

Take cybersecurity seriously

The commitment to cybersecurity is increasing among TMT organisations, with cybersecurity budgets projected to increase by 10.6% over the next 12 months, but it can’t stop there. It is paramount that cybersecurity takes a place at the top of every organisation’s agenda. It’s not about if you’re going to be attacked, but when.

Look out for the next instalment of my two-part cybercrime series to find out the steps you should take if you’ve been attacked, the trends we’re currently seeing in the market and what the future holds for cybercrime.

Watch my interview with UK Tech News for more insights:

All statistics are taken from the EY Global Information Security Survey 2018: https://www.ey.com/gl/en/industries/technology/ey-tmt-global-information-security-survey-2018

The views reflected in this article are the views of the author and do not necessarily reflect the views of the global EY organisation or its member firms.