How secure is cryptocurrency?

How secure is cryptocurrency?

Did you know it’s possible to earn $32,000 by finding flaws in crypto platforms? This isn’t a scam though: white hat hackers were employed to fix these issues.

The likes of TRON, Brave and Coinbase have been busy fixing flaws. These companies, amongst others, paid security researchers between March 28 and May 16 across 30 public reports. The payments for these fixes ranged from £100 per fix to astonishing $10,000 given to one hacker, with Omise, the software developers behind OmiseGo paying for the most bug fixes altogether.

Perhaps the most important payment came from TRON, who awarded $3,100 to a hacker that found their network was open to malicious smart contracts that could have stopped its blockchain in its tracks.

Cryptocurrency hacks have been in the public eye of late. Crypto exchange Cryptopia lost almost all of its Etherium coins in January, after hackers attacked the company, before losing another $16 million in coins in an attack this year. Binance, another exchange, reported 7,000 Bitcoins stolen, with a reward of $100,000 to anyone who can fix the biggest holes in their systems.

[Hacking blockchain is] like solving a series of Rubik’s Cubes at once as opposed to just the one.

Sure, cryptocurrency is more unorthodox as an asset than traditional currency. Have things got so bad that exchanges have to work with the enemy now, though? Are these sums of money for securing blockchains essentially a ransom to keep exchanges from imploding?

Are blockchains and cryptocurrencies easy to hack?

Passwords and digital IDs are in essence, just puzzles. Some puzzles are easier to solve than others.

Blockchain itself cannot repel attacks. Blockchain is made of distributed ledger technology, meaning a blockchain is essentially a data structure holding records. Blockchains consist of a number of blocks, which represent transactions. Before it gets added to the chain, a block gets distributed to all the mining nodes on a network. This is so that they can each verify that a transaction is genuine.

It is actually quite easy to hack into a mining node and fake a transaction, but hacking a blockchain requires hacking every node simultaneously. It’s rather like solving a series of Rubik’s Cubes at once as opposed to just the one.

Despite this, hacking a blockchain isn’t impossible. The history of cryptocurrency is awash with instances in which hackers found loopholes and made away with vast quantities of coins. One of the most infamous incidents came in 2014 when cybercriminals stole $473 million worth of Bitcoin from MtGox users. It’s perhaps no surprise that at the time, this was a record.

What is transaction malleability?

MtGox was a victim of a transaction malleability attack. A transaction consists of input data – which includes signature data – output data and a transaction fee, which the miners collect from the transaction. Once data is added to the blockchain, it cannot be edited, corrupted or warped in any way.

However, hackers realised that they could hack the data before it entered the blockchain. A transaction malleability attack happens when hackers can alter the signature data from the input. The signature data can hide the fact that the transaction has even taken place.

So, suppose a friend sends you 10 BTC, but you alter the signature using transaction malleability to change the transaction ID: there’s no longer a record of you receiving your 10 BTC, so you can simply ask for it again. It’s the equivalent of claiming that a parcel hasn’t been delivered when it was left outside your house.

This is exactly what happened in the Mt. Gox hack. Around 7% of the world’s supply of bitcoins were stolen.

Should we trust cryptocurrency?

The pound sterling began life in precious metal.

In Anglo-Saxon England, trading coins literally meant exchanging silver; there was an intrinsic value to the money that people could recognise. Over the years, the materials we used to make our coins – and notes – changed, yet there was an inherent level of trust still, in the value of our currency.

What are blockchain and cryptocurrency worth to the world if they aren’t secure?

Compare this to the decade-old Bitcoin. It’s natural to have a suspicion of currencies that haven’t had centuries to build your trust. Cryptocurrencies are not regulated markets. The cryptocurrency world is deliberately anonymous. There are plenty of horror stories too about how easy it is to make off with millions worth of Bitcoins.

There is a risk of fraud with any financial transaction, though. The fact that money never passes through a bank is a sticking point for many people, but the decentralisation of cryptocurrency is one of its biggest draws. The negatives of cryptocurrency are heavily outweighed by the positives for many already implementing blockchain in their systems.

For businesses, there are plenty of ways to armour up against hackers. Designating a cybersecurity point person is the best start and establishing a security perimeter with multifactor authentication is key too. Training for employees and regularly backing up networks is important, too.

Perhaps the most reassuring thing about crypto security though lies in the fact that big companies are not naïve to the threats that hackers pose. With big firms dishing out thousands of dollars in repairs to their systems, this is a transparent problem. Really, an issue this big could threaten the future of the platform, and there’s too much invested – literally – in Bitcoin to lose. After all, what are blockchain and cryptocurrency worth to the world if they aren’t secure?

crypto, Blockchain, How secure is cryptocurrency?

Mark White

Mark is a writer/editor who has written online and in print.

The vital role business plays in the business intelligence equation

Phillip Smith • 03rd December 2021

As organizations continue turning their attention to technology advancements, to maintain some form of ‘business as usual’, there has never been a greater need for companies to truly understand the data they hold, and how to interpret it. Phillip Smith, the chief architect at workplace data analytics firm Tiger, explains more.

2,500 years of threat intelligence and its value continues to...

Anthony Perridge • 01st December 2021

Anthony Perridge, VP International at ThreatQuotient discusses how threat intelligence has evolved to form an essential aspect of modern-day cybersecurity. By harking back to the practices of our ancestors, today’s threat hunters can take inspiration about evaluating threat data to maximize the best possible decisions.

The gaming industry’s latest challenge: DDoS protection

Babur Khan • 30th November 2021

As the industry faces a rise in DDoS threats, it is time that gaming companies truly prioritise cybersecurity and business resiliency. In his latest article, Babur Khan,Technical Marketing Engineer at A10 Networks, lays out a framework for the industry to do just this, securing their customers and their own success against the tide of cyberattacks.

The Best Ten Rated Cloud Security Management Options For Business

Erin Laurenson • 24th November 2021

Cloud Security programs that can carry out safety procedures and address or flag potential high-risk elements are now critical, allowing businesses to function normally without fearing a potential breach. To help you find the best Cloud management and security system for your business, we’ve done the research and found the top systems presently available on...