Blockchain technology, while an incredible development, is not without its flaws. From $500 million dollar hacks to ICO scams, security is perhaps the most evident of them all.
An Ernst & Young report on ICOs yielded some terrifying results for ICO teams and ICO investors alike. According to the report, over 10 percent of funds raised through ICOs are either stolen or lost because of hacks. About $400 million of the $3.7 billion that has been raised was stolen, without any assurance that the money can be recovered.
The most common technique for hacking ICOs is phishing, the practice of sending fraudulent emails with hopes of tricking investors to give up personal property–such as passwords, credit card numbers, or bank accounts. Oftentimes, hackers will set up a wallet address “on behalf of” the ICO company, then convince unknowing investors to send BTC or ETH to that address as part of the offering. Investors don’t learn of the fraud until it’s too late.
Cryptocurrency hacks and ICO scams have the SEC on higher alert than ever before. Therefore, it is imperative that ICO teams do their absolute best to make sure their ICO launches–and finishes–without a hitch. Here are three of the biggest makes companies make when launching an ICO, and how to avoid them.
Whether a team knows it or not, their industry involves sales. This is because every industry, from fintech to farming, requires sales. The same is true for blockchain technology. Once an ICO team has the infrastructure of their ICO in place, they must do their best to promote, market, and sell their platform. Without a strong marketing presence, an ICO will fail miserably, no matter how incredible the platform truly is.
Thankfully for ICO teams, several companies specialize in ICO and blockchain marketing. Or, teams can hire traditional digital marketing companies who, though they may not be as familiar with blockchain technology, still know how to run very effective ad campaigns.
The second big mistake that ICO teams make is ignoring compliance procedures. This is a critical error, especially with many countries stepping up the regulatory pressure on blockchain companies. The first step that ICOs must take is researching their industry and pertinent regulatory body. For example, U.S. based blockchain startups in the financial sector should research what the SEC and FINRA have said about ICOs. Second, ICOs would be wise to hire outside compliance help, whether an independent contractor specializing in their particular field, or a general blockchain compliance company.
The third mistake is failing to properly audit security measures. If the numbers published by EY continue at the current rate, the crypto community will see hundreds of millions of dollars siphoned out of ICOs this year–again! Companies can take obvious steps to preventing hacks and fraudulent behavior by monitoring the ICO space for mimics and copycats.
In addition, they should consider hiring out independent blockchain security companies. For example, Hosho provides smart contract audits, penetration testing, and bug bounties to help teams prepare for ICO and platform launches. By exposing system and coding vulnerabilities before hackers can, blockchain security companies can save startups hundreds of millions of dollars and thousands of hours of time up front.
Blockchain companies should also remember that compliance differs from security. Hosho’s CEO comments, “Companies need to allocate time and capital towards security. Unfortunately, many companies put too much focus on compliance, thinking that as long as they meet all regulations, their sensitive data will be thoroughly protected… a penetration test of their website is crucial, so that situations such as what happened to CoinDash can be avoided.” Though the two are linked, companies shouldn’t assume that taking care of one automatically covers the other.
This article was first published on Feb 15, 2018