Adam Mazzocchetti Securely auditing a blockchain smart contract

Your Blockchain: without good security could be a problem.

Adam Mazzocchetti Blockchain Security

Blockchain is an encrypted electronic register developed more than a decade ago to protect bitcoin transactions. The system records the transactions of all Bitcoin users chronologically globally. 

Since the database has no central entry point and is distributed over a network of computers, many experts say it cannot be hacked. Blockchain has brought the ability to streamline business processes and make complex business processes more transparent to other industries, including manufacturing. Manufacturers can control supply chains via blockchain and protect themselves and their customers from counterfeiting. That is why many companies have invested millions of dollars in building their own blockchains. 

In July 2018, for example, the International Data Corporation reported that global spending on blockchain technology will exceed $11.7 billion by 2022. These investment figures reflect growing confidence in blockchain technologies, but are they as secure as many experts claim? An estimation is made that more than $15 million is stolen from cryptocurrencies every day; according to a recent report by the US Department of Homeland Security, not even the best exchanges can protect themselves from hackers. 

In June 2018, more than $1.1 billion in cryptocurrencies were stolen, according to the US Department of Homeland Security report. 

Although blockchain is still considered one of the most secure transaction systems, hackers can still exploit the electronic devices used to connect to it. Just like any standard computer system, a simple password can be hacked, and the risk to hackers depends on several factors, including the perceived value of the blockchain and the security of their network. Authorised users can access private keys that are protected by passwords that security experts say may not be secure. 

Blockchain security expert Howard Poston said: ‘The most dangerous failure continues to be the failure of the blockchain as a whole, not just the blockchain itself. The attack majority (51 percent) was achieved on smaller, less complex blockchains, including those used to manage inventory and other critical data. In some cases, hackers have outsmarted the blockchain by controlling a small number of devices, including mobile phones, tablets, and even computers. 

This risk is reflected in the 4000+ contracts I analysed, which I found were 4.5% were vulnerable to hacking. Smart contracts automate many blockchain tasks and are written to protect them, but if the code is easy to hack, cyber criminals can use a smart contract to break into the blockchain, steal or redirect assets. 

One way to reduce the risk of malware is to install content agents that scan everything that enters the blockchain and prevent malware from finding its way into it. Hackers can attach malicious software to authorised users of blockchain transactions, which can then infect a blockchain, monitor transaction data and steal information. 

Blockchain is a rapidly evolving technology with a wide range of applications, from financial services to health care, insurance to medical care. 

While the blockchain platform is relatively secure, the keys and high-value crypto-assets held on the platform are far from secure enough. Most security vulnerabilities can be quickly fixed, even in the case of a large-scale network breach, such as a public key attack. 

Most attackers prefer to exploit human vulnerabilities rather than attack the blockchain directly. This vulnerability, combined with the high number of public keys and high-quality crypto-assets on the platform, makes the network vulnerable to a variety of attacks, not just private keys. 

We need to use both new and existing technologies to improve blockchain security: for example, we are developing safes that better protect keys from hackers, some of whom have already adopted second-generation blockchain platforms.    

Businesses need to seriously address blockchain weaknesses and invest the time and resources needed to secure their networks. In addition to existing blockchain risks, technology companies must use blockchain in a secure way. If we are not prepared for the future, the fall of extinction will become a much more serious threat to the future of our economy and the global economy.