Cybersecurity Impact On Blockchain Technology

Renjith KN
7 min readJul 22, 2023

The information age explosion of online data has brought with it lapses in security protocols that regularly expose our most sensitive information to malicious actors. Finding a reliable cybersecurity protocol, therefore, is more important than ever before. Industries across the board are latching onto new technology that promises to improve online safety, with blockchain cybersecurity leading the way.No cyber defense or information system can be regarded as 100% secure. What is deemed safe today won’t be tomorrow given the lucrative nature of cybercrime and the criminal’s ingenuity to seek new methods of attack.

How Cybersecurity Impacts Blockchain Technology.

Cybersecurity is built into blockchain technology because of its inherent nature of being a decentralized system built on principles of security, privacy, and trust.

In addition to transparency, cost-efficiency, and enhanced security, it is fast. Data on a blockchain network is delivered in real-time, making it useful to anyone who wants to track assets and see transactions end to end, such as payments, orders, and accounts.

It’s important to note that viewing transactions or transmissions may be instant, but due to encryption and serialization processes, each record can be slow to upload compared to typical data networks.

Furthermore, the US’s Defense Advanced Research Projects Agency (DARPA) has been working with blockchain technology to create a system that deters and prevents hackers by not only immediately flagging attempts to compromise data but also providing real-time intelligence on the bad actor.

Blockchain’s inherent cybersecurity benefits include the following:

Decentralization

Blockchains don’t rely on a single trusted central authority, they’re decentralized systems. With distributed ledger technology (DLT), transactions are recorded across every network node, so cybercriminals face challenges viewing, stealing, or modifying data. This program aims to build trust among participants in hard-to-trust areas.

Collaborative Consensus
Blockchains’ collaborative consensus algorithm means that it can monitor the ledger for unusual or malicious activity.

Strong Encryption Practices
Blockchain networks use encryption and digital signatures effectively, using public key infrastructure for:

  • Validating configuration modifications
  • Authenticating devices
  • Securing communication

An infrastructure of asymmetric cryptographic keys and digital signatures is often core to blockchain technology, providing verification of data ownership and data integrity. In some cases, these elements eliminate the need for passwords, an attack vector through which cybercriminals frequently gain unauthorized access to accounts and networks.

Immutable Records
Nobody can modify a recording on a blockchain ledger. If a record contains an error, it can only be rectified by making another transaction, in which case both transactions will be legible.

IoT Protection
With increasing applications in various industries, Internet of Things (IoT) devices are often targeted by cybercriminals due to their inherent vulnerabilities. Blockchain provides additional protection for those using IoT devices.

Preventing DDoS Attacks
A Distributed Denial of Service (DNS) attack aims to overload a server with requests. It requires a focal point to target, typically an IP address or a small group of IP addresses.

However, a blockchain-based domain name system (DNS) can remove that single focal point, neutralizing this cyber threat.

Data Privacy
While its transparency is a prime benefit of using blockchain, with everyone able to see immutable transactions, a permissioned blockchain network will allow only trusted networks to view or participate in transactions. This can be achieved with minimal governance.

Furthermore, blockchain lacks the traditional targets sought by cybercriminals, making it more challenging for them to achieve unauthorized access by targeting privacy rules.

Smart Contract Security
Smart contracts are sets of rules stored on the blockchain that trigger transactions when the conditions are met. This automation makes payments more convenient. Blockchain remains secure because its components are tested for authentication, data security, access control, and business logic validation.

Traditional Cybersecurity Best Practices and Blockchain.

When implementing an enterprise-level blockchain network, whether to track currency, orders, accounts, or other digital assets, traditional cybersecurity best practices will enhance blockchain’s inherent security advantages.

Risk Management
Just as with the implementation of any business system, a thorough risk assessment and subsequent management process are required to ensure data protection and the safety of business systems.

Regulatory Focus
Heavily-regulated industries aim to protect the public and critical infrastructure with clear guidelines regarding information security. Any blockchain implementation should be carried out with a close eye on regulatory requirements.

Disaster Recovery Plan
An organization’s disaster recovery plan must be updated to incorporate its blockchain technology. It must contain the names and contact details of the participants.

Following the risk management process, the business’s disaster recovery plan should be updated with scenarios surrounding the risks to the blockchain, including clear descriptions of what people must do in the event of every potential blockchain incident.

Minimum Security Requirements for Blockchain Participants
An organization implementing a blockchain solution requires detailed policies on identity verification and access management. This is a critical area for blockchain applications since it’s a potential source of strength and contributes to a firm’s vulnerability.

Security Infrastructure
Since blockchains can be compromised by the theft of keys and unauthorized access to staff devices, the blockchain must be implemented in an environment with an effective cybersecurity structure.

Blockchain Security Considerations.

Despite the inherent privacy and authentication advantages of using blockchains, it’s important to note they are not invulnerable to cyberattacks. Organizations implementing blockchain solutions must use the best cybersecurity practices company-wide and examine blockchain-specific risks and cyber solutions to ensure information security.

The main cyber risks affecting blockchains are:

  • Theft of keys
  • Code exploitation
  • Compromise of physical devices
  • 51% attacks
  • Physical device theft

Theft of Keys
As secure as a blockchain may be, things can go badly if a cybercriminal manages to steal keys. Various thefts of keys have led to the loss of millions of dollars worth of Bitcoin.

In 2016, $72 million worth of Bitcoin was stolen from Hong Kong’s Bitfinex exchange, taken from users’ segregated wallets. The theft represented about 0.75% of Bitcoin in circulation, causing a 23% slump in the currency’s value.

Cybercriminals use phishing — among other methods — to access wallet key owners’ access credentials. They can create emails that look as though they are coming from an authority, demanding access credentials via fake links. If a phishing attempt fools the owner of a key, the cybercriminal can take action that causes harm to that individual and the blockchain network.

Blockchain provides anonymity, security, and convenience, but there is typically no recourse when stolen keys are used to steal currency.

Code Exploitation
An exploit is a mechanism by which a hacker takes advantage of a vulnerability. In 2016, a hacker used code exploitation to steal $50 million worth of Ether, the currency for the Ethereum platform.

Hackers are adept at intercepting data in transit. One of the problems they must solve is where in the data transmission process they are most likely to succeed. In the case of blockchain transactions, they may be able to steal data on its way to internet service providers (ISPs), extracting confidential data or even currency.

Bitcoin mining — the process by which connected computers use their processing power to complete complex cryptographic calculations to verify Bitcoin transactions — is also an attack vector in public blockchain networks.

51% Attack
A 51% attack involves a hostile blockchain takeover by attaining 51% of the network’s mining power. An individual or group with 51% of a blockchain’s mining power has control of the ledger and can manipulate it.

Exploits like this remind organizations that blockchain is not infallible and cybersecurity best practices are required to protect digital assets.

Physical Device Theft
Hot wallets — virtual currency wallets, including mobile, desktop, and browser-based wallets stored on devices that can connect to the internet — are known to be less secure than cold wallets, which are stored offline.

Even if a blockchain were 100% secure (they’re not), it would still be at risk because access credentials are out in the wild. If a hacker can compromise a physical device, they may be able to make significant fraudulent transactions.

Blockchain Cybersecurity Challenges and Drawbacks
While blockchain technology offers significant benefits, it’s unclear how it will tie in with cybersecurity requirements and business needs.

Regulatory Issues
One of the key characteristics of a blockchain is that parties cannot delete or modify transactions. However, this could be problematic for businesses because EU-GDPR, for example, demands that individuals have the right to delete their data, which does not fit the current blockchain model.

When implementing a blockchain solution, it’s critical to make meeting regulatory and compliance requirements a primary consideration. The organization must be able to satisfy regulators while using blockchain technology.

Scalability
Because transactions are implicated in every node, increased transactions can cause issues with block sizes, slowing validation. This is one of the main reasons why larger enterprises or businesses have not adopted blockchain because the high traffic volume may affect data processing speeds. The need for additional verification and security makes blockchain technology slower than traditional systems and networks.

Access Control
In the blockchain model, the owners of digital assets have complete responsibility for them. If users lose private keys, those keys are gone forever. Their digital assets cannot be claimed.

A criminal, cyber or otherwise, who manages to steal cryptographic keys can gain unauthorized access to digital assets, which are then irrecoverable by the true owners.

Insufficient Encryption
While encryption prevents many cyber attacks, it is not 100% effective. Man-in-the-middle attacks — in which cybercriminals intercept transmissions to view, steal, or modify them unknown to the sender or recipient — remain feasible if certain issues are present, including:

  • Weak keys
  • Incorrect keys
  • Inadequate encryption strength
  • Errors in a digital signature or certificate verification

Errors in a digital signature or certificate verification
Overreliance on Blockchain’s Inherent Security Benefits
Some businesses have been so impressed by the security advantages of using blockchain technology that they have let key cybersecurity best practices slide.

However, it’s essential that companies continue to use traditional cybersecurity best practices to ensure a secure ecosystem in which to implement blockchain technology.

--

--

Renjith KN
Renjith KN

Written by Renjith KN

Senior technical architect with more than 15 years of experince in microservices, blockchain, J2EE technologies.

No responses yet