Polygon chief security officer Mudit Gupta has urged Web3 companies to hire traditional security experts to put an end to the hacks.
Gupta has pointed out that some of the recent cryptocurrency hacks are the result of Web2 security vulnerabilities such as private key management. Phishing attacks to steal credentials, rather than poorly designed blockchain technology.
Adding to his view, Gupta emphasized that smart contract security audits that do not apply standard Web2 network security methods are not enough to protect user protocols and wallets from being exploited:
“I’ve pushed all the big companies to get a dedicated security officer who really knows that management is important.”
While blockchains are usually decentralized on the backend, users interact with the application through a centralized website. So implementing traditional cybersecurity measures around elements such as the Domain Name System (DNS), web hosting, and email security is essential.
Gupta also emphasized the importance of private key management, the $600 million Ronin hack, and the $100 million Horizon hack are examples of the need to tighten private key security procedures.
Gupta suggested that the current sentiment from blockchain and Web3 companies is that if “you fall into a phishing attack, that’s your problem,” but argues that “if we want mass adoption,” Web3 companies should be held more accountable.
Polygon is an interoperability and scalability development protocol for building Ethereum-compatible blockchains, allowing developers to build user-friendly decentralized applications.
With a team of 10 security experts currently working at Polygon, Mudit now wants all Web3 companies to do the same.