By now, the myth that cryptocurrency is entirely bulletproof has hit the rocks. Even as crypto hacks become rampant, the “experts” tread the wary path of caution. Coinbase’s Brian Armstrong has said1 he could not prove that a mathematical formula to compromise Bitcoin keys does not exist. It is essential to add that he believes the risk is low, even if that were the case.
Considering the teeming number of people with access to this code, one must acknowledge that several hundred billion dollars represents a significant value. Therefore, criminal elements that use distributed denial of service (DDoS) attacks, like the attack on cryptocurrency exchange EXMO,2 or any other variant attack will be happy to work to claim their share of the proverbial booty. It is clear that the bad guys will always try. But if they are able to hack the blockchain, will that be the end of cryptocurrencies?
Why Does Blockchain Matter in Cryptocurrency
This subheading might sound a little misleading because blockchain technology can apply in any industry. As the technology evolves, many sectors are exploring how to integrate blockchain into their infrastructures.
Blockchain technology3 offers greater transparency, improved security and easier traceability. Blockchain is the backbone of cryptocurrencies. One of its essential functions is to allow monetary exchanges with other countries. The following are a few fundamental reasons why blockchain technology is an integral part of cryptocurrencies:
- Trust and security: Blockchain allows monetary transactions to happen reliably and securely. Besides, they are irreversible (i.e., operations are irreversible).
- No need for intermediaries: Operations do not need more than two people to proceed. Eliminating intermediaries saves time and money.
- Impossibility of forgery: Once a transaction is complete, it is impossible to cancel, delete, falsify or rectify the data.
- Protected information: Personal data and transactions are stored as appropriate, offering greater trust in the user.
The Creative Ways Hackers Bypass Blockchain Systems
Why do people insist that blockchain is unhackable? That is because it is supposed to be highly secure and unalterable. However, there has been a wave of cyberattacks that make people doubt the security of blockchain technology. Hackers are evolving in their methods, as is blockchain technology itself. By October 2019, hackers had stolen more than $4.26 billion4 from cryptocurrency exchanges, users and investors. In May 2019 alone, big cryptocurrency exchange Binance endured a highly significant $40 million loss.5
How do hackers penetrate “unhackable” blockchain networks? Below are some of their methods.
51 Percent Attack
In this novel type of attack,6 a user or a group gains a majority over the hash power on the specific blockchain system. Once this happens, they can rewrite transaction history and implement double spends, allowing reuse of tokens.
Fraudsters create fake websites that target users who incorrectly type a website into their browser to collect user data and access personal accounts.
Here, hackers intercept data traveling to internet service providers and split the network of nodes or computers into partitions. All parts of the network continue to operate as usual, oblivious of the others.
A hacker can create multiple fraudulent transactions in one partition. As soon as the partition comes down, the network rejects the truthful transactions and accepts the fake.
Like DDoS attacks, one party will control most nodes, but nodes are flooded with multiple requests from forged identities. The inevitable system crashes and prevents legitimate requests.
So far, there have been no successful Sybil attacks as they are expensive for single hackers to carry out.
Victims are made to part with confidential credentials by clicking malicious links and entering malicious data. The requests usually come from what appears to be a trusted third party.
Phishing can impact any type of online network and usually begin with an email.
Implications on Cryptocurrency and Foreseen Improvements in Cybersecurity
With enough thought, time and effort, a hacker can penetrate the blockchain. It is still a tall order for a single hacker, yet not impossible. Teamwork is invaluable for cybercriminals targeting cryptocurrency heists.
For one, working in teams helps to mitigate the cost of mining fees in Sybil attacks. A concerted cybersecurity effort is needed to deliver a collective and continual response to hacker attacks. Exchange, investor and user behavior are essential here. Still, it is necessary to act like blockchain’s security is beatable and penetrable to feel the pressure of taking cybersecurity seriously and always be prepared for a breach. The world of finance is based on trust and in a market as fragile as cryptocurrency, where a single press release can have drastic measures on the market, a security breach can be the last nail in the coffin for investors and traders as well.
David Lukić, information privacy, security and compliance consultant, IDstrong.com
- William Baldwin, “Can All Of Bitcoin Be Hacked?” Forbes, February 16, 2020, https://www.forbes.com/sites/baldwin/2020/02/16/can-all-of-bitcoin-be-hacked/?sh=138fcafd1dc1
- Dawna M. Roberts, “DDoS Attack Temporarily Breaks UK’s EXMO Cryptocurrency Exchange,” ID Strong, May 4, 2021, https://www.idstrong.com/sentinel/ddos-attack-temporarily-breaks-uks-exmo-cryptocurrency-exchange/
- “What is blockchain technology?” IBM, https://www.ibm.com/topics/what-is-blockchain
- Jeb Su, “Hackers Stole Over $4 Billion From Crypto Crimes In 2019 So Far, Up From $1.7 Billion In All Of 2018,” Forbes, August 15, 2019, https://www.forbes.com/sites/jeanbaptiste/2019/08/15/hackers-stole-over-4-billion-from-crypto-crimes-in-2019-so-far-up-from-1-7-billion-in-all-of-2018/?sh=6d38a87555f5
- Brian Barret, “Hack Brief: Hackers Stole $40 Million from Binance Cryptocurrency Exchange,” WIRED, May 8, 2019, https://www.wired.com/story/hack-binance-cryptocurrency-exchange/
- “51% attacks,” digital currency initiative, mit media lab , https://dci.mit.edu/51-attacks