The New Normal? Unique New Responses to Massive, Global Cyber Theft, Data Breach and Espionage Activities (Part 2 of 3)

In Part I of this series of posts, we broke down the timeline and impact of the massive Syniverse Hack, including the most recent development in the aftermath of the massive five-year-long data breach:  U.S. citizens filing multiple lawsuits against Syniverse for exposing their data.  Both lawsuits may evolve into a class action suit.

In Part II, we break down a cryptocurrency payout to users after a recent cyber heist.

The BitMart Cryptocurrency Heist

Crypto exchange BitMart, the self-proclaimed “most trusted crypto trading platform”, announced last weekend that the company “identified a large-scale security breach related to one of our ETH hot wallets and one of our BSC hot wallets on December 4th, 2021. At this moment we are still concluding the possible methods used. Hackers were able to withdraw assets of the value of approximately 150 million USD.”

Blockchain-security and data-analytics firm PeckShield first identified the breach and puts the total losses at closer to $200 million. Its list of affected assets and amounts shows $96 million stolen from the Binance Chain (@BinanceChain) wallet and about $100 million from the Ethereum (@Ethereum) wallet (see below).


The most recent headline coming out of this heist – Crypto-Exchange BitMart to Pay Users for $200M Theft – is the really important development in the cryptocurrency theft ‘space’ (for lack of a better word).  There has been an onslaught of recent attacks on cryptocurrency platforms – including:

Poly Network: Hackers take $600m in ‘biggest’ cryptocurrency theft

Cream Finance:  Cream Finance DeFi Platform Rooked For $29M

Liquid: Crunch Time for Liquid as Crypto Exchange Loses $97m to Hackers

bZx:  Hacker Steals $55 Million in Crypto After BZx Phishing Attack; and

BadgerDAO:  As recently as last week, someone stole $120 million in crypto by hacking a DeFi website (BadgerDAO)


What is different about the BitMart incident is the immediate commitment from BitMart to use its own funding to compensate affected users.  To really be in the game as a global currency standard that surpasses the Dollar or the Renminbi as THE global currency standard of the future (which, let’s face it, is the ‘long view’ goal of the current generation of more sophisticated cryptocurrency boosters/evangelists/fanatics, Winklevi notwithstanding), cryptocurrency has three strategic issues to address in order to achieve monetary policy credibility and stability:  Regulation, regulation, and regulation.

Elon Musk disagrees, arguing that “it is not possible to, I think, destroy crypto, but it is possible for governments to slow down its advancement. I would say, Do nothing.”  The problem now, in the face of the frequency and severity of cryptocurrency theft incidents, is that the self-regulating ledger was supposed to breed trust, efficiencies, disintermediation, and a democratization of the monetary system. No one expected the serial, wholesale theft of whole swaths of tokens, blockchain integrity be damned.  How will the market mitigate this risk for users?

Cryptocurrency Deposit Insurance?  What Would That Even Look Like?

BitMart’s Sheldon Xia, by immediately compensating affected users for the monies lost in the recent heist, created a new value proposition for the cryptocurrency marketplace, which to date has only “worked with law enforcement” or “begged and pleaded with the hackers to return the stolen monies.”  Xia has chosen an informal internal policy and proprietary branding of “crypto exchange insurance” for a cyber theft incident.  Xia did not announce that the compensation is a long-term policy, but it is implicit, as BitMart simply cannot have a second breach of this size, as users will take their tokens elsewhere.  Xia and BitMart may gain users short-term for this move, as it is the only signaling from any of the platforms that there is at least an informal insurance on deposits and transactions to mitigate risk against a barrage of cryptocurrency attacks and theft.

Here is the best analogy:  The automobile (The Ford Model-T was invented in 1908) and the Thompson Submachine Gun (invented in 1918) were the crucial, democratically available technological innovations (hell, even the talkies were new!) that the mob leveraged during the “Golden Age of Bank Robberies” in the U.S. (in Chicago in particular in the 1920s and 1930s).  Newfound auto horsepower and the number of bullets fired per minute (from the floorboard design innovation on most new car models of the era) equaled the invention of the bank robbery, the getaway car, and the high-speed chase – all new law enforcement problems at the time, not unlike the current inventions used for cryptocurrency heists today.

Like the adage says:  Cryptocurrency criminals are simply going where the money is.  Cryptocurrency enthusiasts who are convinced that the hard slog for crypto to global legitimacy, stability, and uniform regulation (so as to become a global currency standard) is simply a “not if but when” proposition need to reconsider their strategic stance.

Start pricing in the medium- to long-term impacts of the criminal underground economy now.  It is time to consider that the Federal Deposit Insurance Corporation (FDIC) was created as part of the “1933 Banking Act, enacted during the Great Depression to restore trust in the American banking system. More than one-third of banks failed in the years before the FDIC’s creation, and bank runs were common.”

The question then becomes:  Is this cumulative heist activity a now real-time Black Swan or Gray Rhino for the crypto marketplace?

It has been the conventional wisdom that “traditional” regulation would be the inevitable fate of cryptocurrency. BitMart’s Xia has introduced bespoke deposit insurance into the mix to mitigate the risk for users, which is a new wrinkle, for sure.  But the fact remains that, based on the scale and severity of these recent cryptocurrency heists, enhanced security measures are now a clear precursor to regulation for the legitimacy of this marketplace.

In the forthcoming Part III of this series of posts, we break down a Fortune 100 company’s recent response to a nation-state actor’s cyber espionage activity, which may represent American tech companies’ newfound willingness to play the equivalent role for the U.S. government of the pervasive, global non-state actors that execute cyber activity on behalf of nation-states.

Further reading

For Part I in this series – The Syniverse Hack – see The New Normal? Unique New Responses to Massive, Global Cyber Theft, Data Breach and Espionage Activities (Part 1 of 3).

Part III in the series –  The Microsoft NICKEL Domain Seizures

Daniel Pereira

Daniel Pereira is research director at OODA. He is a foresight strategist, creative technologist, and an information communication technology (ICT) and digital media researcher with 20+ years of experience directing public/private partnerships and strategic innovation initiatives.