Treasury Department Extends Cyber Threat Intelligence Services to Digital Asset Sector
According to the Treasury Department, this expansion responds to the rising complexity and frequency of cyberattacks against cryptocurrency and digital asset platforms.
On Thursday, the US Department of the Treasury's Office of Cybersecurity and Critical Infrastructure Protection (OCCIP) made public its decision to broaden the scope of its cybersecurity threat identification program, now encompassing digital asset companies within its protective framework.
Digital asset and blockchain enterprises that opt to participate in this initiative will gain access to identical cybersecurity threat intelligence currently distributed to conventional financial institutions, with participation offered at "no cost," the Treasury's official announcement confirmed.
"Cyber threats targeting digital asset platforms are growing in frequency and sophistication," Cory Wilson, the deputy assistant secretary for cybersecurity at the OCCIP, said.
This program implementation satisfies policy directives recommended by US President Donald Trump's administration, which were detailed within its July 2025 publication, carrying the title "Strengthening American Leadership in Digital Financial Technology."
Cointelegraph made contact with the Department of the Treasury seeking additional commentary but had not received a response by the time of publication.
This program underscores the persistent difficulties associated with combating rapidly advancing cybersecurity threats that affect blockchain protocols along with their user base, considering that financial damages stemming exclusively from decentralized finance (DeFi) platform security breaches climbed to approximately $169 million during the opening quarter of the current year.
Foreign intelligence operatives continue infiltrating crypto projects and companies
Cryptocurrency projects along with their user communities face mounting exposure to sophisticated cybersecurity threats, executed through methods such as social engineering tactics or direct infiltration conducted by state-sponsored hacking collectives, notably including the North Korean-linked Lazarus Group.
Drift Protocol, operating as a decentralized cryptocurrency exchange platform, experienced a devastating $280 million security exploit earlier this month, with suspected North Korean-affiliated hackers identified as the perpetrators.
Members of the Drift team conducted in-person meetings with these malicious actors at a "major" cryptocurrency industry conference and maintained ongoing interactions with them spanning several months following that initial encounter, as documented in a preliminary incident report released by Drift Protocol.
Throughout this extended period of engagement, the threat actors successfully deployed cryptocurrency-stealing malware onto developer machines used by the Drift team, malicious software that was subsequently triggered during the April security exploit.
The specific individuals who initially made contact with the Drift team members at the industry conference were not identified as North Korean nationals, the report clarified.
The Seals911 team, operating as a collective of blockchain cybersecurity specialists, stated with "medium-high confidence" that this particular attack was most likely executed by the identical hacker group held responsible for the October 2024 security breach of the Radiant Capital DeFi platform.