With huge amounts of dependence on the internet and being connected, it becomes increasingly difficult to secure data and hi-tech devices. Cybersecurity problems affect us all on a personal and professional level and on a routine basis in the form of malware, ransomware, phishing or threats to our privacy.
Cyber intrusions on the blockchain
Once thought to be impenetrable, hacking is now a known issue on the blockchain. In January 2019, Coinbase detected that the blockchain trading Ethereum was being hacked.
One of the better equipped attackers had managed to subvert at least 51% of the computing power on the network, making it possible to double spend the cryptocurrency. Coinbase claimed that no crypto-coins were stolen from the currency wallets or from any of its accounts, and this blockchain heist has happened with numerous other crypto coins.
The 51% holdup was no coincidence, as blockchains rely on proof of work as a protocol for authenticating transactions, therefore by gaining control of 51% percent, the majority of ‘proof’ of authentication becomes easier for the cybercriminal to fake.
How it happens
When currencies are mined, nodes use large amounts of computing power to be allowed to add data about new transactions to the Blockchain. A fraudulent miner who somehow gains control of a majority of the network's mining power will create a new version called a ‘fork’ and create an alternative version of the blockchain, where actual payments never occurred.
The hacker then makes the ‘forked’ version of the blockchain into the dominant and authoritative version and spend the crypto-coins again. This is an incredibly expensive process to attempt for well-known Blockchains, as they would have to rent or steal enough mining power to challenge the Blockchain, however there are over 1500 cryptocurrencies and with a wide variation in price, and a lot less protection on some chains, the risks for hackers can be dramatically reduced.
Some examples of this have been on cheaper coins such as the 2018 hacks on Monacoin, and Bitcoin Gold, the attack on Ethereum, worth over $1 million, was the first against a high profile crypto-currency.
The other side
There are however, two huge advantages that the Blockchain has for cyber security that have limited the ability to hack into Blockchains and we shouldn’t underestimate the value of these, and how they can be transferred across to corporate cyber security settings, if at all.
If you have ever read a white paper, looked into an ICO or basically read any news on Bitcoin, the word decentralization keeps on reappearing.
Blockchain runs on a peer-to-peer network, which basically is a VIP club complete with clandestine keys, no overrides and secret handshakes.
If a hacker is trying to gain access to unauthorized data, the entire system will identify every detail and immediately shut that block out, basically there is no single source that really controls the Blockchain so it’s harder to meddle with.
This is made even more difficult through the many copies of the Blockchain ledger, so both DDoS attacks and related threats are less of a threat to private data.
Through blockchain, passwords are not necessary to authenticate, unlike in workspace settings – instead publishing a public key on the blockchain allows the chain to publish data stored in your system across millions of nodes or on various blocks on the ledger, this dramatically reduces ‘man in the middle’ hacks.
The bottom line.
Whilst the level of blockchain security is being threatened by newer and more threatening hacks, the decision to attack these systems and the cost to the hacker will drive or dissuade desire.
If corporate security systems could learn the lessons of blockchain security, we believe this would dramatically increase security outside of the blockchain. Hackers need to be smart, persistent and committed to get into the blockchain, even now which is not the case for personal and business cyber security and is, in many circumstances far less attractive than breaking into a cryptocurrency where cost is high but the risk may be worth it in the multi millions.