Do Web3 Incidents Repeat Themselves?
May 31, 2022 - We ran an analysis of the incidents maintained in our Web3 hack and scam database, dating back to 2011. Incident count provides a metric to measure the risk of a project.
The higher the incident count, the more likely the project will experience other unfavorable events. By dividing total loss by the incident count, one can also gauge the historical average loss associated with the project. By examining the incident count distribution over time, we can infer whether projects, as a collective, are becoming more secure or not.
Let's dig in to see what we found as of May 28, 2022. Incidents are divided into several tranches, where each tranche represents the number of times the same entity has experienced a security incident. The first chart below shows the distribution of incidents from 2018 to 2022.
74% of all recorded incidents are single-time events in that they do not repeat. Over 14% are incidents that repeat one time. 4.7% of the incidents repeated three times, with about a percent of the total incidents repeating 4 to 6 times more. We observed no incident that repeats seven or more times.
Next, we examine how the trend appears across different periods dating back to 2018. Keep in mind that for 2022, our data is limited to May 28, 2022.
Two conclusions can be drawn from the data sets. First, there does not appear to be any first-time improvement to Web3 security, as recurrences for tranche 2 remain similar to the prior period of 2018 through 2021. In other words, we can definitely say that at least 14% of entities experience a second incident within a year. Second, repeated incidents are declining in 2022 from what was observed in prior periods. As we are almost halfway through the year, it may be possible to extrapolate that the improvement is likely to hold across all tranches from 3 through 7.
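The per-entity incident count, average loss and tranche distribution described above can be computed as follows. This is an added example, not code from the original analysis. The records and project names are constructed, and it assumes an incident belongs to tranche k when it is the k-th incident recorded for the same entity.

```python
from collections import Counter, defaultdict
from datetime import date

# Constructed sample records (entity, incident date, loss in USD); not real data.
INCIDENTS = [
    ("ProjectA", date(2020, 3, 1), 1_000_000),
    ("ProjectA", date(2021, 7, 15), 3_000_000),
    ("ProjectA", date(2022, 2, 9), 500_000),
    ("ProjectB", date(2021, 1, 20), 250_000),
    ("ProjectC", date(2021, 11, 5), 8_000_000),
    ("ProjectC", date(2022, 4, 30), 2_000_000),
    ("ProjectD", date(2022, 5, 12), 40_000),
    ("projectd ", date(2022, 5, 20), 60_000),  # same entity, inconsistent spelling
]

def normalize(entity):
    """Collapse case and whitespace so one entity is not counted as two."""
    return " ".join(entity.split()).lower()

def entity_stats(incidents):
    """Per entity: incident count and historical average loss (total / count)."""
    losses = defaultdict(list)
    for entity, _, loss in incidents:
        losses[normalize(entity)].append(loss)
    return {e: {"count": len(v), "avg_loss": sum(v) / len(v)} for e, v in losses.items()}

def tranche_distribution(incidents):
    """Share of incidents per tranche, by year.

    Assumption: an incident falls in tranche k when it is the k-th incident
    recorded for that entity, counted over the whole dataset.
    """
    seen = Counter()
    per_year = defaultdict(Counter)
    for entity, when, _ in sorted(incidents, key=lambda r: r[1]):
        key = normalize(entity)
        seen[key] += 1
        per_year[when.year][seen[key]] += 1
    return {
        year: {k: n / sum(c.values()) for k, n in sorted(c.items())}
        for year, c in sorted(per_year.items())
    }
```

Entity names need normalizing before counting, otherwise a repeat incident logged under a variant spelling is recorded as a first-time event and the tranche 1 share is overstated.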