Neglecting cybersecurity may save costs in the short term, but it often leads to catastrophic breaches.

The recent Bybit hack, one of the largest in history, highlights why security investment should never be overlooked.

Last week, Bybit, one of the world’s leading cryptocurrency exchanges, was targeted by hackers, who managed to steal assets worth an estimated $1.46 billion.

This incident ranks among the most significant cyberattacks ever recorded, offering valuable lessons for developers and investors alike.

Explaining the attack, Dr. Do Van Thuat, a technology expert and member of the Scientific Council of the Institute of Blockchain Technology and Artificial Intelligence (ABAII), stated that Bybit stored assets in smart contracts with multi-signature security, requiring approvals from multiple authorized parties before withdrawals could be made.

However, hackers found a way to deceive the contract administrators, tricking them into authorizing fraudulent transactions.

According to Dr. Thuat, smart contracts are like locked vaults; instead of breaking the lock, hackers manipulated keyholders into opening the door for them.

The attackers exploited vulnerabilities in Web2 infrastructure, infiltrating traditional IT servers, planting malicious data, and deceiving system administrators into granting them unauthorized access.

Dr. Nguyen Trung Thanh, Chairman of the Web3 Committee at the Vietnam Blockchain Association, emphasized that orchestrating such an attack requires extensive research, patience, and precision.

Hackers meticulously monitored Bybit’s ecosystem, identifying weak links, particularly within Web2 infrastructure and human management processes.

These vulnerabilities are not always present but may emerge due to lapses in product deployment, personnel management, open-source software oversight, or third-party service integration.

Some security flaws may have existed for years without detection, waiting for the right moment to be exploited.

Once identified, these weak points become prime targets for cybercriminals seeking unauthorized access.

Despite the increasing sophistication of cyberattacks, Dr. Thuat noted that the fundamental weakness in this case was not the smart contract itself but rather the administrators who were deceived. Most smart contracts remain secure, offering vast potential for innovation and application.

To mitigate hacking risks, experts from the Vietnam Blockchain Association stress that developers and system operators must prioritize security, continuously consulting with cybersecurity firms and regularly updating their systems.

Dr. Thanh reiterated that achieving absolute security is impossible, but risk reduction and proactive defense strategies are essential.

Investing in technology should never be underestimated. While cost-cutting may seem beneficial in the short term, overlooking cybersecurity can lead to devastating consequences in the long run.

Reflecting on the Bybit hack, Phan Duc Trung, Chairman of the Vietnam Blockchain Association, urged Vietnam to establish clear security standards and regulatory frameworks for digital assets.

As the digital asset market grows, the absence of legal clarity not only exposes investors to risks but also stifles the blockchain industry’s potential.

A strong legal foundation is necessary to build a secure and innovative digital asset ecosystem that protects users while fostering growth.

Trong Dat