The global financial crisis of 2008-09 resulted in the development of the Bitcoin whitepaper, which introduced the world to the concept of blockchain technology and cryptocurrency. In a blockchain, information is stored in several databases (blocks) that are linked together chronologically through cryptographic hashes to form a distributed network (chain). Since its inception, the global blockchain market is expected to hit $67.5 billion by 2026.
Within the realm of banking, financial services, and insurance (BFSI) the evolution of cryptocurrencies as an asset class for investors has furthered the commercialisation of blockchain technology through Decentralised Finance (DeFi) services. As of 2021, over 6,000 cryptocurrencies are being traded freely, with the global cryptocurrency market capitalisation reaching USD 990 billion. Serving investors’ needs are exchanges, lenders, asset managers, custodians, clearing and settlement houses, and cross-border payment applications, which all benefit from the surge in blockchain use cases.
However, despite the increasing penetration of blockchain and the astronomical valuations of related businesses, a lack of global regulations, standards and guidelines has put all players in a grey area. Moreover, the technology is still in its nascent stages where several design and development vulnerabilities place blockchain architecture at a higher risk of exploitation by bad actors. This security problem further extends to companies exclusively storing and/or transacting cryptocurrencies through digital wallets.
Vulnerabilities Around Blockchain
Several known vulnerabilities and attacks are facing the blockchain architecture that was discovered since its early days including 51% attacks, time jacking, crypto-jacking, forking attacks, eclipse attacks and smart contract vulnerabilities such as re-entrancy attacks, overflow attacks, balance attacks, to name a few. But what are the main exposure points?
1. Lack of Regulatory Intervention
With the rise of innovative business models leveraging blockchain technology, several billion-dollar organisations find themselves operating in a grey area resulting from an absent regulatory intervention. This is particularly true for organisations disrupting traditional industries by amalgamating legacy systems with blockchain infrastructure.
2. Social Engineering Attacks
Cybercriminals are choosing to attack organisations through their weakest point – the user. Users include employees, customers, shareholders, and other stakeholders who have access to the enterprise environment. Cybercriminals will often steal credentials to gain access to user accounts and then try to escalate privileges to steal data or tokens. If a user doesn’t have the correct training, they are more likely to become a victim of phishing attacks and other forms of impersonation attacks.
3. Supply Chain Compromise
Cybercriminals can exploit age-old legacy systems and gain access to mission-critical blockchain facilities storing or processing digital asset transaction traffic in an interconnected ecosystem.
4. Ransomware Attacks
It is no secret that there is a lack of guidelines within the blockchain and crypto industry. Yet still, companies in this sector are still required to abide by data privacy and protection regulations. Ransomware attacks can hamper data availability and result in long-drawn downtimes until data is available for business operations. The onset of remote working and lack of cyber awareness has paved the way for favourable conditions to launch ransomware attacks. Since cryptocurrencies are also used as an agent for ransom extortion, organisations in the blockchain space with reactive cyber maturity levels are soft targets for bad actors.
5. DeFi Protocol Hacks
In 2021, approximately USD 12 billion invested in DeFi protocols was lost to scams and theft, of which close to USD 2 billion was lost to malicious attack campaigns. That year also witnessed the single largest DeFi cryptocurrency hijack of USD 600 million. With nearly USD 240 billion locked in, DeFi protocols are a certain target for adversaries.
6. Smart Contract Design Vulnerabilities
Under the DeFi umbrella, smart contracts are widely used in interoperability protocols that link multiple blockchains together. Design flaws can allow adversaries to call privileged smart contracts and control the flow of digital information between linked blockchains. Assets can then be directed to an address controlled by cyber criminals to be traded freely over an exchange. Hence, to protect themselves, organisations leveraging smart contract technology will need a secure system development life cycle through DevSecOps considerations.
7. Crypto Wallet Attacks
Similar to how physical wallets are used to store cash, cryptocurrency is deposited into digital wallets that can be accessed through cryptographic keys. There are two sets of keys:
- The public key is used to deposit digital assets in an address like a bank account number.
- The private key is used to withdraw money from the wallet like a PIN. Private key security is critical to safeguarding the digital assets stored within crypto wallets.
Basic attacks on crypto wallets aim to locate files where private keys are stored. However, since 2018, attackers are re-constructing private keys by decoding electromagnetic signals emitted by devices in an attempt known as a side-channelling attack. Additionally, several attacks on crypto wallets leverage human error, pre-existing vulnerabilities and connection interception, which eliminates the need for private keys to hijack a wallet.
There are some major vulnerabilities surrounding blockchain, however, there are systems that can be put in place to detect and limit cyber criminals attacking blockchain technology.
A Step In The Right Direction
Past attacks faced by digital asset firms were reported after an illicit transaction has been successfully executed on or across blockchain(s). Detection of cyberattacks later in their lifecycle can lead to adverse financial, reputational and/or regulatory impacts.
To address this gap, organisations should look to adopt software that can utilise AI and Machine Learning to detect threats before they even occur. Through this software, blockchain and crypto firms can collate suspicious on-chain and off-chain activities for enhanced visibility of their security posture, simplifying both threat detection and incident response activities. Having software that is built with native out-of-the-box compliance alerting and advanced analytics to identify and flag compliance breaches is also key. In an uncertain regulatory environment, this software will enable blockchain and crypto firms to monitor for compliance and cybersecurity under the same joint effort.
Further still, the identification of cyber risks affecting blockchain-specific infrastructure is key to the development of proactive cyber maturity efforts. Having the right system can contextualise native intelligence monitoring, in turn enriching threat detection with near real-time industry-specific intelligence feeds to identify bad actors and APT group campaigns.
It’s impossible to stop all cyber-attacks, so when a breach occurs the cyber-security team must be alerted as soon as possible. False-positive alerting generates tremendous noise for security teams globally. By utilising Machine Leaning, engines can observe historic true and false positives for similar events using enforced learning to decide whether an alert should be triggered – therefore alerting teams when a real threat is occurring.
What Does The Future Hold?
Navigating a challenging environment and adopting the best practices can be overwhelming for business and function leaders. With the intertwining of blockchain and cybersecurity in an ever-evolving threats landscape, it is imperative that you continuously enhance your business to match the current landscape. Without proper thought, this implementation can be difficult or even impossible. Blockchain offers many benefits, such as efficiency, optimisation, cost reduction and better security. However, technology also introduces new risks to systems if not properly managed and monitored.
About Blacklight AI Platform
Blacklight, our proprietary AI-based Security Operations Platform, helps you secure, monitor and detect beyond your traditional SIEM. Blacklight is architected, designed and built using industry best practices, offering the maximum level of flexibility and extensibility.
Combined with SOC services, we provide the highest level of visibility into your organisation’s security for proactive monitoring.
Learn more: blacklightai.com
Follow us: linkedin.com/company/blacklightbyowlgaze
Book a demo: blacklightai.com/contact-us/
© 2024 Blacklight AI. All rights reserved. For permission to use the content on our website, please contact us at info@blacklightai.com