What are the key risks facing businesses adopting blockchain technology and smart contracts, and how should we proactively secure our businesses against emerging blockchain-related threats?
A PwC survey indicated that 84% of businesses are in the process of integrating blockchain into their technology stack, reflecting its growing mainstream appeal.
However, alongside this growth, the Chainalysis 2025 Crypto Crime Report reveals that US$2.2 billion was stolen from crypto platforms in 2024, with North Korean hackers responsible for US$1.34 billion, or 61% of the total amount stolen.
Although ransomware payments fell by 35% following increased law enforcement action, the total impact was still US$813.55 million in 2024.
These figures underscore the pressing need for comprehensive security strategies as businesses venture into the blockchain space. Understanding the security landscape is essential for ensuring blockchain’s long-term viability amid evolving regulations and sophisticated cyberthreats.
For insights into the key risks facing businesses adopting blockchain technology, the importance of due diligence in smart contracts, and how proactive security measures can safeguard against emerging threats, we looked to Dr Tielei Wang, Chief Security Scientist at CertiK.
What are the biggest opportunities for businesses adopting blockchain today?
Dr Tielei Wang: Blockchain offers businesses unprecedented opportunities to enhance transparency, security, and efficiency across industries. In supply chain management, blockchain provides immutable, real-time tracking of goods and services, reducing fraud and inefficiencies while ensuring regulatory compliance. Financial institutions benefit from blockchain’s ability to enable instant, cross-border transactions without intermediaries, lowering costs and improving accessibility.
Additionally, decentralized identity solutions enhance security in user authentication, reducing reliance on vulnerable password-based systems. The tokenization of real-world assets, from real estate to intellectual property, also unlocks new business models by making traditionally illiquid assets more accessible and tradable.
With US$2.2 billion stolen from crypto platforms in 2024, what are the most pressing security concerns?
Dr Wang: These losses underscore systemic vulnerabilities in blockchain security, particularly in smart contract exploits, bridge attacks, and private key compromises. Cross-chain bridges remain a prime target, as hackers exploit their weak points to siphon funds across networks. Smart contract vulnerabilities, often due to rushed deployments and inadequate auditing, expose platforms to reentrancy attacks and logic flaws.
It is also notable that phishing and social engineering attacks have increased recently, compromising users’ private keys and wallets. The rapid evolution of threats highlights the need for businesses to adopt rigorous security measures, including real-time threat monitoring, multi-layer authentication, and routine audits of smart contracts and protocols.
Why is security expertise essential for companies entering the blockchain space?
Dr Wang: Unlike traditional IT systems, blockchain operates in a decentralized, trustless environment where security flaws can lead to irreversible financial losses. Businesses entering this space must recognize that blockchain security extends beyond standard cybersecurity measures; it requires specialized knowledge in cryptography, consensus mechanisms, and secure smart contract deployment.
Without experienced security professionals, companies risk launching vulnerable products that attackers can exploit, leading to severe financial and reputational damage. Engaging blockchain security experts for code audits, penetration testing, and continuous monitoring is crucial to building trust and resilience in this space.
How can businesses balance innovation with robust security measures?
Dr Wang: Pushing the boundaries of blockchain innovation should not come at the cost of security. Businesses can strike this balance by implementing security-first development practices, such as conducting rigorous code audits before deployment, utilizing formal verification for smart contracts, and integrating multi-factor authentication and encryption in user interactions.
Adopting a zero-trust security model can also ensure that access controls and verification mechanisms are in place at every level. Regular bug bounty programs incentivize ethical hackers to identify vulnerabilities before malicious actors can exploit them.
Ultimately, embedding security into the innovation process from the outset—rather than treating it as an afterthought—ensures that new blockchain solutions remain cutting-edge.