Crypto Security & Integrity

US Treasury Expands Cybersecurity Program to Crypto Firms

Marcel Fuhrmann
/ 5 min read
A digital shield with a lock icon overlays a blue background filled with cryptocurrency symbols and binary code.

US Treasury Expands Cybersecurity Threat Intelligence to Crypto Firms – Digital Asset Platforms Gain Access to Federal Risk Data

Key Takeaways

  • The US Department of the Treasury has expanded its cybersecurity threat identification program to include digital asset companies.
  • Participating blockchain firms will receive the same threat intelligence as traditional financial institutions at no cost.
  • The move follows a July 2025 policy report from the Trump administration on strengthening US leadership in digital financial technology.
  • DeFi platform hacks caused nearly $169 million in losses in the first quarter of 2026.
  • Recent attacks, including a $280 million exploit at Drift Protocol, have been linked to suspected state affiliated hacking groups.

Treasury Extends Cybersecurity Program to Digital Asset Companies

The US Department of the Treasury announced that its Office of Cybersecurity and Critical Infrastructure Protection is expanding a federal cybersecurity threat identification program to cover digital asset companies. Until now, the program primarily served traditional financial institutions.

Under the expansion, blockchain companies that choose to participate will receive the same cybersecurity threat intelligence as banks and other established financial entities. According to the Treasury, this information will be provided at no cost to participating firms.

Cory Wilson, deputy assistant secretary for cybersecurity at the Office of Cybersecurity and Critical Infrastructure Protection, stated that cyber threats targeting digital asset platforms are increasing in both frequency and sophistication. The expansion is designed to address those developments by integrating crypto firms more closely into existing federal threat sharing structures.

Policy Background: July 2025 Report on Digital Financial Technology

The initiative implements recommendations outlined in a July 2025 report titled “Strengthening American Leadership in Digital Financial Technology.” The report was issued under US President Donald Trump’s administration and focused on reinforcing the country’s position in digital finance.

By extending federal cybersecurity intelligence support to crypto businesses, the Treasury aligns digital asset infrastructure more closely with the regulatory and security frameworks applied to traditional finance. The announcement reflects a broader recognition that blockchain based platforms now form part of the financial system’s critical infrastructure.

Rising Financial Losses From DeFi Exploits

The decision comes amid continued financial losses from attacks on crypto platforms. According to data cited in the announcement, decentralized finance platform hacks resulted in nearly $169 million in losses during the first quarter of 2026 alone.

Between 2022 and 2025, the sector recorded significant cumulative losses from crypto related hacks. These figures highlight the persistent vulnerability of smart contract based protocols, centralized exchanges, and developer environments to cyber intrusion.

For users of crypto trading, staking, or betting platforms, such incidents can directly affect asset security, platform availability, and operational continuity. While the Treasury program does not mandate participation, it provides an additional source of threat intelligence to companies seeking to strengthen their defenses.

Drift Protocol Exploit Linked to Suspected State Affiliated Hackers

Recent events illustrate the type of threats the expanded program seeks to address. Drift Protocol, a decentralized cryptocurrency exchange, suffered a $280 million exploit in April 2026. According to a preliminary incident report from the company, the attack was carried out by suspected hackers affiliated with North Korea.

The Drift team reported that individuals who initially approached them at a major crypto industry conference were not North Korean nationals. However, the attackers allegedly maintained contact with the team for months following the event.

During that period, crypto stealing malware was deployed on developers’ machines. The malicious software was later activated in connection with the April exploit. The sequence of events demonstrates how social engineering and long term infiltration can precede large scale theft.

The Seals911 group, a team of blockchain cybersecurity specialists, assessed with medium high confidence that the attack was likely carried out by the same group responsible for the October 2024 hack of the Radiant Capital DeFi platform.

State Linked Cyber Threats and Industry Exposure

The Treasury’s announcement also reflects ongoing concerns about foreign intelligence operatives targeting crypto projects. State affiliated groups, including the North Korean linked Lazarus Group, have been associated with multiple high profile crypto attacks in recent years.

These operations often combine technical exploits with social engineering tactics. In the Drift case, direct in person contact at an industry event preceded the deployment of malware. Such methods expand the risk surface beyond code vulnerabilities to include human and operational factors.

For companies operating crypto exchanges, DeFi platforms, or crypto enabled betting services, this environment increases the importance of structured threat intelligence and coordinated response frameworks.

Implications for Digital Asset Platforms and Their Users

By granting crypto firms access to federal threat intelligence resources, the Treasury places digital asset businesses on a similar footing to banks in terms of information sharing. Participation remains voluntary, but the availability of no cost intelligence may lower barriers for smaller firms seeking institutional grade insights.

For users, including those active in crypto trading and online betting, the development signals closer integration of the crypto sector into national cybersecurity infrastructure. While it does not eliminate platform risk, it introduces an additional layer of coordination between public authorities and private operators.

The expansion also underscores the scale of recent losses and the operational sophistication of attackers targeting blockchain based services.

Our Assessment

The US Treasury has formally extended its cybersecurity threat identification program to digital asset companies, granting them access to the same intelligence provided to traditional financial institutions. The move follows policy recommendations from a July 2025 federal report and comes amid nearly $169 million in DeFi related losses in the first quarter of 2026. Recent incidents, including a $280 million exploit at Drift Protocol linked to suspected state affiliated hackers, illustrate the types of threats the initiative aims to address. The expansion integrates crypto platforms more directly into existing federal cybersecurity information sharing structures.

Related News

Server rack with yellow warning triangle, glitching monitor displaying alert icon, cracked padlock over a globe background.
Crypto

CoW Swap DAO Warns Users to Avoid Site After Domain Hijacking

The DAO behind CoW Swap has warned users not to visit its website following a domain hijacking and reported frontend exploit.

Marcel Fuhrmann
Bitcoin Depot ATM with a digital lock overlay and red warning symbols on a dark background.
Crypto

Bitcoin Depot ATM Operator Reports $3.6M BTC Stolen in Hack

A Bitcoin Depot ATM operator said $3.6 million in Bitcoin was stolen in a corporate hack. The incident was reported on April 8, 2026.

Marcel Fuhrmann
Courthouse with columns, digital blockchain ledger screen, and stacked coins with shield badge in front.
Crypto

Indonesian Courts Use Blockchain Data to Convict Terrorism Financiers

Indonesian courts relied on blockchain transaction data to convict three individuals for terrorism financing. Authorities traced over $49,000 in USDT to an ISIS-linked campaign.

Marcel Fuhrmann