Blockchain Security Is A People Problem
- Date: 22 November, 2018
Blockchain was hailed by some as a ‘truth engine’ but, according to Melanie Jones, Product Director for cybersecurity portfolios, there is already a spanner in the works and those with the skills to protect valuable data are finding themselves in one of the world’s most sought after professions.
If there is one thing we know about human nature it is that if something is presented to us as unbreakable, unhackable, unsinkable or inedible, there is always someone with the aptitude and mendacity to crack it. So, it goes with blockchain. Blockchain’s immutability is built into its peer-to-peer nodular transparency. In theory, the decentralised system, distributed across its network of users/nodes, should be impossible to compromise as any attempts to alter the data would be instantly recognisable and investigated by the pool of node owners (active users who validate transactions are also known as miners). Blockchain’s universal adoption as an open ledger by the cryptocurrency markets, sadly, has already proved that – despite its sophisticated software – the open ledger is open to compromise. Since 2014 over $1.4 billion worth of crypto currency has been stolen from exchanges by hackers. Some of the targets include popular crypto trading brands such as Coincheck, MT Gox and BitGrail. Unsurprisingly, it is not the software letting the side down – it is us. By design, blockchain cannot be hacked, but its weakness is often at the point where its systems connect with the real world in software or applications.
For example, ‘hot wallets’ are vulnerable to hackers. These wallets function like a digital ATM machine – they are internet-connected applications that store cryptographic keys (needed to access cryptocurrencies). Wallets operated by cryptocurrency exchanges like MT Gox and Coincheck have become the location for 21st century bank robberies. Cryptocurrency exchanges are increasingly claiming to store their customers money in “cold” wallets – on storage devices disconnected from the internet, but as recently as January this year, $500 million was taken in cryptocurrency from the Japan-based company, Coincheck.
Source: Press Coverage in Compare the Cloud – read full article.