From beincrypto by Camila Naón

As crypto adoption grows and project-building on Web3 becomes more widespread, blockchain security has become a central pillar for users and developers.In a conversation with BeInCrypto, Hacken‬ CEO Dyma Budorin highlighted the need for comprehensive compliance solutions in 2025.

A Need for Higher Security Measures

As 2025 approaches, experts are weighing in on the frequency of data breaches that blockchains have suffered and their negative impact on user experience. This year, crypto security breaches escalated, with losses surpassing $2.9 billion across various sectors, according to a recent Web3 security report developed by Hacken, a cybersecurity company.

Access control vulnerabilities emerged as the dominant threat vector, contributing to 75% of all hacks. This trend, observed across DeFi, CeFi, and gaming/metaverse platforms, highlighted the widespread occurrence of security weaknesses related to operational security and access management. Phishing scams also inflicted significant damage, resulting in losses exceeding $600 million.

‬‭”It’s evident that the industry can no longer overlook operational security. Comprehensive audits, strict access control protocols, and robust key management systems must become‬ standard practices,” said Budorin in an interview with BeInCrypto.

The significant losses experienced in 2024 underscore the critical need for the crypto industry to prioritize all-encompassing security measures and comprehensive audits to reduce future breaches and protect user assets.

A Bad Year for Access Controls

Budorin pegged access control issues as the most critical challenge facing blockchain security today, especially the loss of private keys across project teams, affecting CEOs and developers.According to Hacken’s report, in 2024, access control exploits, primarily linked to private key compromises, resulted in losses exceeding $1.7 billion. This is a substantial increase from the $1 billion reported the previous year.

“Notably, major incidents like‬‭ Radiant‬‭ Capital‬‭ and‬‭ Orbit Bridge‬‭ underscore the consequences‬‭ of weak key management and the‬‭ absence of multi-sig solutions or regular audits,” Budorin added.

In October, a major hack targeting Radiant Capital resulted in losses of $55 million and affected more than 10,000 users. The breach involved hackers exploiting vulnerabilities to gain control of three of Radiant’s private keys, enabling them to drain funds from the platform.

Attackers exploited vulnerabilities by injecting malware onto developer devices, enabling them to intercept and manipulate legitimate transaction approvals despite using hardware wallets.Orbit Bridge, a cross-chain bridging service, suffered a more significant hack on New Year’s Eve last year, resulting in a loss of approximately $82 million. According to Hacken, the incident marked the largest DeFi hack of 2023.Despite using multi-signature technology, which typically requires multiple parties to authorize transactions, the attacker compromised seven out of ten signers, highlighting a critical vulnerability in the system.The stolen funds were mainly stablecoins, including $30 million USDT, $10 million USDC, and $10 million DAI. Additionally, 231 WBTC ($10 million) and 9,500 ETH ($21.5 million) were compromised. Hackers transferred the stolen funds through an intermediary address before laundering them through a cryptocurrency mixer.

Prioritizing Higher Cybersecurity Standards

In 2025, mandatory compliance should become a reality for all projects developing on a blockchain, said Budorin.

“Mandatory compliance in 2025 will mark a turning point for the crypto industry, driving‬‭ much-needed‬‭ transparency, accountability, and operational resilience‬. Regulations such as MiCA‬‭ (Markets in Crypto-Assets), DORA (Digital Operational Resilience Act), and the‬‭ AML‬‭ Package‬‭ will require centralized crypto service providers,‬‭ custodians, and other players to‬‭ implement higher cybersecurity standards, robust reporting mechanisms, and strict operational‬‭ procedures,” Budorin told BeInCrypto.

Beyond these jurisdictional regulations, Budorin urges all blockchain projects to address cybersecurity issues by complying with the CryptoCurrency Security Standard (CCSS). The CCSS provides a comprehensive framework for enhancing the security of cryptocurrency systems.The CCSS’s layout emphasizes thorough key management practices. Among its compliance mechanisms, CCSS controls require secure key generation using standardized random bit generators to minimize the risk of key compromise.

Encrypted storage and controlled access mechanisms are enforced to prevent unauthorized key usage. In contrast, properly implementing multi-signature setups and distributed key management mitigate the risk of exploitation by any single entity.These standards recommend implementing multi-layered security measures, conducting regular security audits, and establishing stringent access control guidelines.

By adhering to CCSS, organizations can significantly improve the protection of private keys. This would reduce the frequency and severity of security breaches related to access control vulnerabilities.Budorin believes that such losses could have been avoided if Radiant Capital and Orbit Bridge had complied with CCSS guidelines.

UAE Positions Itself As A Leader in Blockchain Security

Some nations have adopted extensive protocols to ensure Web3 actors adhere to operational security practices.

“The UAE, and specifically‬‭ Abu Dhabi Global Market‬‭ (ADGM)‬‭, is emerging as a global leader in‬‭ blockchain security and innovation due to its‬‭ forward-thinking‬‭ regulatory framework‬‭,‬‭ strategic vision, and ability to foster a thriving technology ecosystem,” said Budorin.

The ADGM is a financial-free zone on Al Maryah Island in Abu Dhabi. Established in 2013 by Federal Decree, ADGM is the city’s financial center, with its independent legal and regulatory framework.

“ADGM has established itself as a regulatory pioneer, balancing‬‭ innovation with‬‭ compliance‬‭. By creating clear, progressive guidelines‬‭ for blockchain and digital assets,‬‭ ADGM attracts businesses seeking a secure, compliant environment to grow,” explained Budorin.

In April, ADGM and Hacken signed a Memorandum of Understanding (MoU) to collaborate on enhancing blockchain security. The alliance aims to develop effective security standards and on-chain monitoring solutions within ADGM’s Distributed Ledger Technology (DLT) Foundations framework.

“Together, we are working to set global standards for Web3 security by providing‬‭ cutting-edge security audits‬‭,‭ penetration testing‬‭ , and‬‭ compliance solutions‬‭ to blockchain‬‭ projects in the UAE and beyond,” Budorin said.

Budorin hopes to see more collaborative efforts in the future that prioritize security and foster a sustainable Web3 ecosystem.