July 1, 2020

Hackers Target Enterprise Blockchains

By admin

The invincibility of blockchain technology has been in question recently as news of private blockchain, especially meant for enterprise use, is being attacked by hackers. Initially, blockchain technology was lauded worldwide for being immune to hacking attempts. However, this worldview has changed drastically in the last few years, with more than $2 billion worth of cryptocurrency stolen by hackers since 2017. As per the recent trends of hacking attempts, the hackers are targeting the private blockchain networks more than the public networks like Ethereum or Bitcoin. 

Theoretically, the private blockchain networks should be more secure and difficult to crack through as the ecosystem is smaller, and people involved are well-known to each other. Private Blockchain networks make it difficult for someone hacking the system to hide. However, this conception has been proved wrong as more and more private Blockchain networks start their online operations. The cybercriminals have found that breaking through these smaller ecosystems is much easier and is very much hackable, unlike what was earlier believed. 

Blockchain technology is entirely based on the network of computers, otherwise known as nodes. The design of blockchain technology is such that the node owners have a financial incentive in being associated with the system through a process called mining. The system is ideally simple as every transaction can be easily identified, verified, and added. Hacking the same, however, is quite difficult and moreover, highly expensive. Many large scale corporations, including New York Stock Exchange and Fidelity Investment Corp, have been trying to take advantage of the blockchain technology for a while. 

Unfortunately, the rush among these corporations to take advantage of this technology has left a few gaps open. The blockchain apps weren’t available for public use until recently as they were under development. Moreover, the enterprises are twisting the security and safety offered by blockchain technology to serve applications that give hackers a financial incentive, which wasn’t the case earlier. One such example is a security app named Orchid, which is backed by Ethereum. These apps are on production mode and have shifted from the research and development phase, which makes a potential prey for the hackers. 

With time and effort made by professional hackers, few of the loopholes in the blockchain technology are now exposed. It isn’t as invincible as it was earlier perceived to be. One of the biggest drawbacks of the blockchain system that is being misused is the 51-percent rule. For a transaction on the blockchain network to be approved, it needs to be approved by the majority or 51-percent of the participating nodes. So, if a single entity manages to sum up resources that allow it to control the majority, it can simply send the payments. It would then create an alternative version of the entire database where no such transaction took place. 

While collecting the computing resources to nine major cryptocurrencies as Bitcoin or Ethereum runs in thousands of dollars per hour, the smaller coins continue to be vulnerable due to lesser cost involved. Currently, the biggest threat to the corporate and private blockchain networks is from the inside, rather than outside. It is primarily because every employee or vendor who is invited within the network has access to the entire database without exceptions. It is not the case with larger public networks, such as that of Bitcoin. There are companies like Kaspersky that have a proven blockchain security auditing system in place, which can be hired by smaller private networks. As of now, the private blockchain networks should focus on threats from inside rather than outside. As the market for private blockchain network grows, there should be more companies offering security audits and maintenance support that these networks can rely on.