Hacking the Blockchain! Are you really safe?

Andrew February 25, 2019
0 Comments

Two billion individuals personal information such as Private ID numbers, credit cards, emails and much more, were hacked in just the top three attacks of 2018. In India, Aadhar, was hacked and the private information of 1.1 billion Indian citizens was compromised. Additionally, the Marriott Star Hotels which operate globally were also hacked over the last 4 years and in 2018 they realized that over 500 million pieces of confidential customer’s information had become vulnerable due to this ongoing breach. Finally in the top three category of hacks, Exactis, was breached with 340 million identities of individuals and businesses compromised. The threat of cyber breaches is not going away and will only grow in both the near and long term.

There are many misconceptions when we speak about cyber security, matter of a fact we hear the word, “immutable” all the time in connection with blockchain technology and thereby think that blockchains can’t be hacked since no information is erasable. This sort of opinion is a fallacy spread by blockchain enthusiasts who neither know the inner workings of blockchain technology nor work in the field. Immutability refers to information being written onto the blockchain and permanently being inscribed there. While this is true, the ability to actually attack the blockchain exists.

When referring to the possibility of hacking the blockchain, we often think of the 51% Attack, which can be described as miners controlling more than 50% of the network’s mining hashrate, or computing power. Through this control our “hackers” could control the ability of new transactions from receiving confirmations and thus halting new payments. There would also be the threat of reversing transactions and double spending. Numerous articles have been written on this sort of attack, and in actuality, smaller cryptocurrencies such as, Monacoin, bitcoin gold, zencash, verge and now, litecoin cash have already been hacked by a 51% attack.

Generally speaking, the problem isn’t the blockchain technology that is hackable as we saw above. The cryptography behind blockchain is solid and while nothing that is put on the blockchain can be changed or destroyed there is a weakness, and that weakness resides with how people interact with it, and write code for it without taking security risks into consideration. Poorly written smart contracts can be very simple to hijack by professional hackers and stealing peoples accounts/password can be done with any number of attacks (against the individual, not against the blockchain). Furthermore, it is a terrible idea to store cryptocurrency in exchanges because they’re likely to get hacked too. While the blockchain itself can’t lose the data, it can be transferred to different owners if you bypass controls set by the platform you’re interacting with the blockchain through.

In order to solve this problem, there needs to be a two prong approach. The first is leading penetration testing companies, such as, FireEye, Synack, Specterops and Bloom Cyber Defense will have to dedicate Red Team resources into specific blockchain testing, for common hacking tools like NMAP and SQL Map were built for websites and applications, and they were not constructed with blockchain’s infrastructure in mind. The second approach is that individuals need to learn new architecture/languages such as Rholang and tools that are specific for blockchain applications. Trying to translate programming language and norms from one to the other is not as it sounds. This will have to be built on formal and structured curriculum. For the wider the understanding (instead of individuals creating their own random courses) and grasp on technology, the easier it will be to safeguard blockchains in the future.

In the end, cyber security and safeguarding against hacking of the blockchain will only become a reality when we transform our thinking and technology towards the specific field of technology that we are talking about. It is time to construct a coordinated answer to the threats of the future. This construction will only come about when both private and public companies come together and partner in the advancement of blockchain cyber programming. For only  an integrated approach will fend off the hackers of the future.

 

Categories: Uncategorized
Tags: , , , , , , , , ,
Andrew
Certified Blockchain Expert, Consultant and Educatorl

Related Articles

Responses

Report

Harassment or bullying behavior
Contains mature or sensitive content
Contains misleading or false information
Contains abusive or derogatory content
Contains spam, fake content or potential malware

Block Member?

Please confirm you want to block this member.

You will no longer be able to:

  • See blocked member's posts
  • Mention this member in posts
  • Invite this member to groups
  • Message this member
  • Add this member as a connection

Please note: This action will also remove this member from your connections and send a report to the site admin. Please allow a few minutes for this process to complete.

Report

You have already reported this .