How fraudsters attack blockchain technology and how to prevent it

by Arthur · December 12, 2022

The 2008-09 global financial crisis resulted in the development of the Bitcoin Whitepaper which introduced the world to the idea of blockchain technology and cryptocurrency. Within blockchain, information is stored in multiple databases (blocks) that are linked together chronologically through cryptographic hashes to form a distributed network (chain). Since its inception, the global blockchain market is expected to reach $67.5 billion by 2026.

In banking, financial services and insurance (BFSI), the development of cryptocurrencies as an asset class for investors has promoted the commercialization of blockchain technology through decentralized financial services (DeFi). As of 2021, there are over 6,000 cryptocurrencies that are freely traded with a global cryptocurrency market cap reaching $990 billion. Serving the needs of investors are exchanges, lenders, asset managers, custodians, cross-border payment applications, and clearing and settlement houses that are all benefiting from the rise in blockchain use cases.

But despite the growing penetration of blockchain and the astronomical valuations of related businesses, a lack of global regulations, standards and guidelines has put all players in a gray area. Moreover, the technology is still in its nascent stages where several design and development vulnerabilities put blockchain architecture at a higher risk of exploitation by bad actors. This security issue extends to companies that exclusively store and/or transact cryptocurrencies through digital wallets.

Vulnerabilities around blockchain

There are several known vulnerabilities and attacks against the blockchain architecture discovered since its early days, including 51 percent attacks, time jacking, crypto jacking, forking attacks, eclipse attacks, and smart contract vulnerabilities such as re-entrancy attacks, overflow attacks, and balance attacks , to mention some. But what are the most important exposure points?

Lack of regulatory intervention

With the rise of innovative business models leveraging blockchain technology, multi-billion dollar organizations are finding themselves in a gray area due to the absence of regulatory intervention. This is especially true for organizations that are disrupting traditional industries by merging legacy systems with blockchain infrastructure.

Social engineering attacks

Cybercriminals choose to attack organizations through their weakest points – the user. Users include employees, customers, shareholders and other stakeholders who have access to the corporate environment. Cybercriminals will often steal credentials to gain access to user accounts and then try to escalate privileges to steal data or tokens. If a user does not have the proper training, they are more likely to fall victim to a phishing attack and other forms of impersonation attacks.

Cybercriminals can exploit ancient systems and gain access to mission-critical blockchain facilities that store or process transaction traffic for digital assets in an interconnected ecosystem.

It’s no secret that within the blockchain and crypto industry there is still a lack of guidelines. Nevertheless, companies in this sector are still required to comply with regulations on privacy and data protection. Ransomware attacks can hamper data availability and result in prolonged downtime until data is available for business operations. The onset of remote working and lack of cyber awareness has paved the way for favorable conditions to launch ransomware attacks. Since cryptocurrencies are also used as an agent for ransom extortion, organizations in the blockchain space with a reactive cyber maturity level are soft targets for bad actors.

In 2021, approximately $12 billion invested in DeFi protocols was lost to fraud and theft, of which around $2 billion was lost to malicious attack campaigns. That year also witnessed the largest single DeFi cryptocurrency heist of $600 million. With nearly $240 billion locked up, DeFi protocols are a certain target for opponents.

Weaknesses in smart contract design

Under the DeFi umbrella, smart contracts are largely used in interoperability protocols that link multiple blockchains together. Design flaws could allow adversaries to call privileged smart contracts that control the flow of digital information between linked blockchains. The assets can then be routed to a cybercriminal controlled address to be traded freely over an exchange. Organizations leveraging the smart contract technology need a secure system development lifecycle through DevSecOps considerations.

Like wallets used to store cash, cryptocurrency is deposited into digital wallets that can be accessed through cryptographic keys. There are two sets of keys, first the public key, which can be used to deposit digital assets to an address just like a bank account number, and second, a private key, which can be used to withdraw money from the wallet like a stick Number. Private key security is essential to protect the digital assets stored in crypto wallets. Basic attacks on crypto wallets aim to find files where private keys are stored. Since 2018, however, attackers have reconstructed private keys by decoding electromagnetic signals emitted by devices in an effort known as side-channel attacks. In addition, several attacks on crypto wallets exploit human error, existing vulnerabilities, and connection interception that eliminate the need for private keys to hijack a wallet.

There are some major vulnerabilities around blockchain, but there are systems that can be put in place to detect and limit cybercriminals who attack blockchain technology.

A step in the right direction

Previous attacks by digital asset firms have often been reported only after an illegal transaction was made on or across blockchains. Detection of cyber attacks later in the lifecycle can lead to adverse financial, reputational and/or regulatory consequences.

To address this gap, organizations should look to adopt software capable of using AI and machine learning to detect threats before they even occur. Through this software, blockchain and crypto firms can collect suspicious on-chain and off-chain activities for increased visibility of their security posture, facilitating both threat detection and incident response. It’s also key to have software built with built-in compliance alerts and advanced analytics to identify and flag compliance violations. In an uncertain regulatory environment, this software will enable blockchain and crypto firms to monitor for compliance and cybersecurity under the same joint effort.

Furthermore, identifying cyber risks affecting blockchain-specific infrastructure is key to the development of proactive cyber maturity efforts. Having the right system can contextualize native intelligence monitoring, enriching threat detection with near-real-time industry-specific intelligence feeds to identify bad actors and APT group campaigns.

It is impossible to stop all cyber attacks, so when a breach occurs it is important that the cyber security team is notified as soon as possible. False-positive alerting generates enormous noise for security teams globally. Using Machine Leaning, engines are able to observe historical true and false positives for similar events using forced learning to determine whether to trigger an alert – and therefore alert teams when a real threat occurs.

What does the future hold?

Navigating a challenging environment and adopting best practices can be overwhelming for business and functional leaders. With the interweaving of blockchain and cybersecurity in an ever-evolving threat landscape, it is imperative that you continually improve your business to match the current landscape. Without careful consideration, this implementation can be difficult or even impossible. Blockchain offers many benefits, such as efficiency, optimization, cost reduction and better security. However, the technology also introduces new risks to systems if not properly managed and monitored.

Image credit: dencg/Shutterstock