The Mighty Blockchain Has Mighty Security Problems – Opinion
Often touted as immutable, blockchain technology and its unlimited potential have garnered much attention lately, and rightly so. The mathematical model that the technology is built upon as well as its time-stamped, verifiable nature certainly makes it a reliable option for monitoring and tracking purposes, one that industries across the globe are looking to implement. In fact, according to a recent report from IDC, global spending on blockchain solutions in 2018 is estimated to be $2.1 billion. Furthermore, according to CoinMarketCap, the cryptocurrency markets – the more widely known application of the blockchain technology – grew to $600 billion by the end of 2017.
While blockchain technologies continues to hold much promise, we cannot neglect the numerous hacking incidents that have crippled the crypto economy. From DAO and Mt. Gox to CoinCheck and GDAX, crypto exchanges have already lost multi millions. In addition, nearly $400 million has been lost or stolen during ICOs, according to Ernst & Young. Only last week, the UK National Cybersecurity Center (NCSC) issued a warning about cryptojacking, and recommended the use of ad blockers and anti-virus programs which include browser mining blocks to prevent these types of attacks.
Now, if the past hacking incidents have taught us anything, it is that hackers follow the money, and to hackers, blockchain is a big pot of gold, and not a very secure one at that. The last several years of crypto breaches are proof that blockchain has vulnerabilities, and by extension, crypto wallets and crypto exchanges are also vulnerable, and that the immutable blockchain isn’t exactly impenetrable.
The reality is that while the blockchain is secure in and of itself, access to it is not. This is because of non-existent or subpar enforcement of rules and policies on the user side and lack of authentication in blockchain transactions. So, for enterprises looking to implement blockchain technology, it is paramount that they understand the security risks involved and take proactive measures to combat these risks.
As noted by Bloor Research’s David Norfolk in his recent report on Blockchain Governance, “One of the chief issues around a secure technology (such as Blockchain is capable of being) is that it becomes trusted – and if someone puts corrupt garbage into it, the garbage that comes out is probably trusted too.” Hackers are smart and while they will continue to come up with sophisticated hacking techniques, the existing whack-a-mole method that we employ to thwart cybercriminals isn’t sufficient. We need to stop reacting. What we need instead is a proactive approach which employs things like two-factor authentication, keystroke encryption, transaction authentication, and policy and rules engine so that we can go a step further than just identifying the problem. By bracing for a cyber-attack, we are acknowledging the imminent presence of hackers and are making sure we are prepared to stop them right in their tracks.
Rich Zaziski is CEO of BlockSafe Technologies, Inc., a company securing the blockchain ecosystem with a suite of solutions that protect against an array of cyber vulnerabilities. His experience spans more than 30 years in the technology industry, as a developer, architect, executive, adviser and entrepreneur.
Rich’s expertise bridges functional areas across diverse industries, allowing him to quickly understand complex business problems and synthesize actionable, technology-driven solutions. He is passionate about fostering emerging technologies and exploring how they can positively impact people and improve business performance.
Previously, Rich founded and ran a technology consulting firm that delivered measurable value to Fortune 500 companies for over 28 years. He holds an MBA in information technology from Fairleigh Dickinson University and a BA from Rutgers University.
Source: Read Full Article