If you have been hearing a lot about topics such as cryptocurrency and blockchain, you might have wondered what they are, what is the purpose, and whether or not blockchain is secure? As with anything that is digital, the answers are all in the design and encryption. In the case of blockchain, it was created as an alternative to standard finances with the goal of being “hack proof.” However, let it be known that this rule-of-thumb is maintained, as long as people aren’t involved in the transactions.
Blockchain is a sophisticated set of algorithms that allow people to have net-based transactions that are stacked or blocked one after the other. Think of it as a kind of accounting ledger which is stored on multiple copies on the net called “nodes.” When a transaction occurs, the node validates the individual, the fact that they have virtual money to spend, and that the transaction is valid. Once confirmed, the information is stored in a block and added to the chain of previous blocks. Each block can hold millions of transactions, but once created, it cannot be edited. Blocks are then stacked in a kind of “chain” and each time someone accesses them, they get their own copy. In this way, if someone wanted to try to hack into a blockchain, they would have to have access to all of the millions of copies. Individuals that own the nodes are called “miners,” and each time financial transactions are added to the blocks and chains, they earn money.
Technology review describes the blockchain security as: “What makes this system theoretically tamperproof is two things: a cryptographic fingerprint unique to each block, and a “consensus protocol,” the process by which the nodes in the network agree on a shared history.”
However, in theory all of this sounds great, until you add the human element into the equation. There are ways to cheat the system, and when it comes to cybercriminals, they will keep trying until they succeed. There are a multitude of methods to cheat, the most prevalent being the “selfish miner” which allows the individual to fool other nodes and get an unfair advantage over other nodes. Another way is called an “eclipse attack” which interrupts the required constant communication between the nodes and fools it into acceptance of false information that “appears” to come from the network.
Since blockchain interacts with the real world at a number of points, there are ways to “cryptojack” and break into applications that are internet-connected and “hot wallets” to access the financial data and spend it. The most sophisticated crytojack method is between real world “smart contracts” and blockchains. These are programs that are stored within the blockchains and can create automated transactions. This weakness allowed $80 million in 2016 in the Ethereum blockchain. Symantec reports that they blocked over 32 million crytojacking events in 2018, which demonstrates that cybercriminals just don’t give up.
Even MIT has a curious and somewhat confusing answer to the “security” question: “So in the end, ‘secure’ ends up being very hard to define in the context of blockchains. Secure from whom? Secure for what? ‘It depends on your perspective,’ says Narula.” [Neha Narula, director of MIT’s Digital Currency Initiative].
As digital continues to enter our world, Da Vinci Forensics will stay on top of all of the latest information, offering advice and assistance to understand the various changes. Security is always our top priority, and our team works diligently to ensure that individuals and companies are informed of any areas and touchpoints that can affect their lives and businesses.
Da Vinci Forensics
Source: Technology Review