Running drills: Preparing for a blockchain hack
Updated: Oct 29
Yesterday, renowned blockchain security expert Samczsun announced the public launch of the SEAL Drills initiative. SEAL Drills aims to help blockchain protocols and projects prepare for a potential blockchain hack by conducting a simulated attack against their protocol.
The initiative is a collaboration between Sam, Isaac Patka, and a number of other whitehat hackers and researchers.
The goal of the initiative is to practice detection, diagnosis and swift response during a blockchain attack. Having battle-tested its attack simulation model with Compound DAO and Yearn, the SEAL Drills team has opened expressions of interest for other protocols looking to test their systems.
In the Yearn simulation, a group of core contributors to the protocol encountered a mock attack on an oracle price feed intended to drain certain vaults of funds. In the scenario, the team responded by activating an emergency shutdown procedure to return funds to a vault.
According to Chainalysis, nearly USD$3.8 billion was stolen in blockchain hacks last year. Nearly half of that has been linked to North Korean hackers. The SEAL Drills initiative highlights the importance of crisis management experience and planning in responding to blockchain hacks and cyber threats.
Proper planning is also vitally important in responding to the legal implications of a cyber attack. It helps to have a crisis management plan in place that can be activated in the event of an incident. Precious time will invariably be wasted marshalling a plan after an attack occurs.
Some of the key considerations for legal counsel in formulating a crisis management plan include:
Assembling the right team, including subject matter experts (which may include security teams, legal counsel, communications, executive, among others) and having their emergency contact information ready and accessible.
Having clear lines of decision-making to manage the incident swiftly.
Ensuring secure communication is ready to deploy among members of the response team.
Taking steps to secure systems and data, and tracing and freezing assets (which, in a blockchain context, may involve engaging blockchain analytics firms and external legal counsel to trace and injunct stolen assets).
Having a communications strategy: issuing a holding statement to manage stakeholders and public relations. It is often better to say less rather than more where not all facts are known and speculation would be unhelpful. However, timely and clear communication is vital to maintain confidence and trust.
Considering regulatory reporting obligations to relevant authorities, including anti-money laundering, privacy or sanctions authorities.
Notifying insurers, where applicable.
Investigating the incident and identifying learnings.
The SEAL Drills model addresses a number of these items under extreme time constraints.
As the old adage goes, people don't plan to fail, they just fail to plan. Given today's heightened cyber threat environment, crisis management planning is vitally important to address what can be an existential threat for any business, blockchain protocol or start-up.
There's been a great response already, with a range of well-known Web3 folks getting on board with SEAL Drills.
Written by Steven Pettigrove and Michael Bacina