Bounty Programs – The First Step in Stopping the Crypto Hack Epidemic

Cyber attacks are a fast-growing crime whether in size, sophistication or  cost. The probability that your personal information such as financial data is sold on the dark web is quite high, especially if you are a U.S citizen. Further to personal risk, the more alarming fact presents itself when examining the likelihood of a successful cyberattack on international organizations. Per a 2019 cyberthreat report, 78% of IT security decision-makers globally reported a successful cyberattack on the international organization. 65.9% of the attacks were more likely to occur in the financial industry. 

It is no doubt that in regards to the cybersecurity threats the financial institutions are faced with daily, the only guaranteed variable is that hackers will continue to find new ways to infiltrate the organization’s network. Cybercriminals are constantly evolving their methods, and pursuing newer, unforeseen challenges and dangers. In order to fight back, companies must take additional precautions before releasing a new product, and properly understand the cyber-risks they are facing. Bounty programs are a highly effective method to pin-point security vulnerabilities, and increase the product security.

What is a bounty program? 

Bounty programs allow you to engage responsibly with security researchers – also known as white-hat or ethical hackers, in order to detect security vulnerabilities in software and hardware solutions.

Their role is to detect security weaknesses and report them to the company, while receiving monetary compensation, along with gaining reputation in the field. Ethical hackers participate in the bounty programs in accordance to a legal framework, and receive pre-determined rewards. The higher the severity of the vulnerability detected – the higher the earning prize.

In 2018 Facebook paid the largest single bounty of $50,000, and in early 2020 Microsoft suggested a reward prize of $20,000.  

 

Bounty programs- a mandatory step in the crypto asset market

 

Quoted in the latest Blomberg article, KPMG claims that “The cryptocurrency market needs to improve how it secures digital assets for the $245 billion industry to keep growing”. The 2020 report claims that a total of $9.8 billion in crypto-assets have been stolen due to malicious hacks. All hacking incidents stem from the way individuals and businesses protect their crypto assets.

The safety of your money highly depends on the security defenses of your crypto hot/cold wallets. After the latest swarm of major hacking-related headlines, it has become apparent that crypto custodians, exchanges and wallet providers must prove their security abilities, and reassure customers that their assets are safe. Public bounty program are a mandatory step for people and businesses relying on crypto wallets. 

 

Why did GK8 initiate a bounty program, and what is it?

 

On February 3rd, 2020 GK8 launched a bounty program with a prize of $250,000 in Bitcoin to the first hacker who will hack our cold wallet. Our goal was to prove that the new-gen security status for sending valid blockchain transaction can work without internet connection, meaning without exposing private keys to the internet. The company sent out a press release a week in advance, with all the basic information hackers would need if they tried compromising the wallet. We provided a high incentive prize, one-stroke untraceable bitcoin theft, public details as company location and a live bitcoin transaction at an expected time.

 

Additionally, GK8 took measures to attract illicit hackers, who are often on the news for crypto-exchange hacks and love pretentious challengers. Over 400 ethical security researchers registered to the bounty program, and the GK8 systems indicated black-hat hacker tracking. As forecasted, the result didn’t replicate the Bitfee bounty hack and GK8’s holdings are still safe to this very day.

What Crypto custodians need to know – Recheck security penetration test and bounty results

In our digital age, cybersecurity is the new safekeeping. Security professionals tend to think that an internet connection is mandatory for executing a blockchain transaction, which is sentencing the world to an ongoing fear of crypto-theft. More importantly, it is holding back blockchain technology, and preventing it from unleashing its full potential and impact to people globally.

Safekeeping and safe deposit of public valuables have become an issue of cybersecurity and how to safeguard private keys from any unauthorized entity. In order to encourage more people to utilize crypto, it is imperative to invest in the best security possible.