Could Blockchain be ripe for hacks, scams and gold diggers?
Cryptocurrencies and blockchain, like any new technology, bring with them a whole slew of security and financial concerns.
According to TechnologyReview.com, the whole point of using a blockchain is to let people share valuable data in a secure, tamperproof way. That’s because blockchains store data using sophisticated math and innovative software rules that are extremely difficult for attackers to manipulate.
David Grout, CTO for EMEA at FireEye, a cybersecurity expert & solutions provider, believes that there are some risks to consider, however.
In a Q&A with AMEinfo below, he reveals stunning facts about the technology.
Q. We are being sold the idea that blockchain is 100% secure. To what extent is this true?
A. You need to be careful of some vulnerabilities around blockchain. One of them, as an example, is the size of the network you are using to build up the blockchain. There is one kind of attack that is really well known – what we name the 51% attack. The 51% attack refers to an attack on a blockchain by a group of miners controlling more than 50% of the network’s mining hash rate, or computing power (In this case, the global network is the network’s mining hash rate, or computing power). The hackers might be able to influence all the results of the blockchain since they are taking more than half of the decisions tree.
The blockchain ID tries to decentralize everything and to receive agreement for the next result. In this case, if you have 51% ownership or more, you can really influence all the results and also deny some specific transactions [according to the majority’s motives].
Q. Why would someone benefitting from blockchain do that?
A. The most common motivation is financial incentive. Another motivation could be to corrupt the information, for numerous reasons, or even to try to destroy trust in the blockchain owner or client.
As an example in the GCC, you have governments that decided to fully utilize blockchain as a government tool. If you are looking at the UAE for example, the government wants to move forward by 2020-2021 with at least 50% of government documentation being managed by blockchain.
If someone is able to manipulate this kind of information, it might be useful for them to try to destroy public trust in the government.
To limit this, clients of blockchain projects need to try to increase the size of the network stakeholders/users. The more computing capabilities you have, the more you are distributed. It is then less easy to try and get the 51%.
In a small network, it’s easier to acquire 51% of the computing power compared to a large network.
Q. So what is your role in this?
A. Our role is really more around education. We aren’t proposing any safety products. It is more about educating, informing, and giving the right intelligence to people in order to provide them with an understanding of the risks and how to avoid them by being prepared.
Our main role will be around providing understanding of the usage, limitations and the risks, in order to share with our customers what attackers are like, and what their intents are. This is in order to help governments and private companies to be ready and correctly understand the risks they are subject to when using these new technologies.
Q. What other security concerns do you see for blockchain?
A. I would say, in terms of security concerns, we can see a few. Scams and phishing remain concerns for cryptocurrencies.
One cryptocurrency decided to go for an ICO (initial coin offering). A malicious party went to the website and hacked it, changing the wallet hyperlink to their own. When people subscribed to the ICO to invest, they subscribed to the wrong wallet, and their funds were redirected to the hackers’ wallet. As simple as that.
This is one of the examples I can give you in terms of scams.
The other example is fake ICOs. You have some groups who have built totally fake ICOs from beginning to end. One of the most well-known scams are traditional Ponzi schemes, or pyramid schemes.
Right now, the focus of cybercriminals is on cryptocurrencies because this is where the money is.
“Certainly, we will see more and more attacks on blockchain and crypto,” he ends.