NSF Award
1714291
Cryptocurrency platforms facilitate trade, currency exchange, payments and other advanced financial instruments for Bitcoin and other emerging cryptocurrencies. Although there has been an explosion of innovation over the past several years, frequent security lapses threaten the viability of these new technologies. This project investigates how cybersecurity shocks affect the operation of cryptocurrency platforms. It has three main parts. First, the project collects extensive longitudinal data on security shocks to the platforms, such as distributed denial of service attacks, publicly announced security breaches, and unplanned outages. These data are being combined with publicly available data on platform operations, such as changes to trading volume, exchange rate fluctuation, and currency exchange market share. The purpose is to measure any impact the shocks have on the wider ecosystem. Second, the project seeks to identify opportunities for malevolent actors to profit from security shocks, to quantify the extent to which abuse is possible, and to identify cases where malicious actions have been taken. Third, the project seeks to develop empirical models of the probability of shocks and identify what factors, ranging from platform size to security hygiene, affect the occurrence of shocks.<br/><br/>This project contributes to the nascent science of cybersecurity by emphasizing empirical analysis of real-world threats. By combining measurement of security shocks on these platforms with data on how these shocks impact operations, this research has the potential to identify several new categories of financially-motivated attacks on cryptocurrencies. For instance, by tracking multiple currency exchanges, the investigators can precisely quantify the negative spillover effects of insecurity, something that has frequently eluded prior researchers studying the economics of information security. Also, the unprecedented level of transparency adopted by these new platforms could enable the researchers to learn more about the impact of attacks than is possible when studying cybersecurity threats in traditional financial markets. Moreover, the findings will aid regulators and exchange operators by quantifying adverse impacts of different shocks, and potentially even yield lessons far beyond cryptocurrency platforms, and help protect the broader financial system from adverse contagion.
