TL;DR
- Jason Jiang, CertiK’s CBO, says every crypto hack is preventable and attributes breaches to human error and the industry’s lack of maturity.
- The expert argues that attacks like the Bybit breach, which led to a $5 billion theft, originated from social engineering and operational oversights.
- CertiK is strengthening its security frameworks and launched a bug bounty program to identify vulnerabilities before they can be exploited.
Jason Jiang, blockchain security auditor and Chief Business Officer at CertiK, believes that every major crypto hack can be prevented, even though the industry is still in its learning phase.
According to Jiang, recent incidents such as the Bybit breach —which resulted in the theft of up to $5 billion— are not inevitable but rather the product of human mistakes and the sector’s immaturity. The attacker used social engineering techniques to gain access to wallet addresses and withdraw funds, proving that human factors played a key role in the chain of errors that led to the outcome.
CertiK Launches a Bug Bounty Program
The CertiK CBO explains that most incidents stem from poor decisions or operational negligence, not from flaws in the code. Many vulnerabilities are easy to fix, but the industry still lacks mature internal protocols and standardized response systems. He compared the crypto industry to traditional banking: while banks took more than 200 years to achieve robust security standards, blockchain technology has existed for less than two decades, so it is reasonable that procedural and asset protection gaps remain.
To mitigate risks, Jiang emphasizes the need for stronger security frameworks, tighter coordination among projects, exchanges, and independent experts, and better incentives for early vulnerability detection. CertiK has launched its own bug bounty program to encourage identifying weaknesses before they can be exploited. Transparency is also improving, as more projects now publish their vulnerabilities and security protocols on bounty platforms to promote public review and continuous improvement.
Hacks as Opportunities for Learning
The CertiK executive notes that every hack serves as both a warning and a learning opportunity. The next stage of the industry will depend on its ability to protect assets with the same effectiveness it promises. Jiang concludes that the ultimate goal is to build a secure ecosystem where attacks are detected and neutralized before affecting users and institutions, establishing security standards comparable to those of traditional financial systems.
CertiK is a leading name in blockchain security. The company promotes industry maturity through audits, reward programs, and education about both human and technical risks
