A new study by device-to-cloud cybersecurity firm McAfee has identified four key attack vectors comprising the cybersecurity risks involving blockchain-based digital currencies. In the study called “Blockchain Threat Report,” McAfee reiterates the need for making cybersecurity a top priority as blockchain technologies gain widespread adoption.
The study has pointed out fraud schemes, phishing, malware, technology vulnerabilities, and implementation exploits. It added that bad actors in the industry had been aggressively taking advantage of the swift adoption of digital currencies, as well as the early adopters of the platform.
The researchers stated:
“As blockchain technology continues to both positively and negatively disrupt global industries, we must be diligent about the security implications. As we’ve seen, cybercriminals will find creative ways to reach their goals. Although the blockchain has been well researched and answers many questions regarding decentralized trust, it does not address the security of users or the applications that connect to its network. We have seen insecure behavior via brain wallets lead to theft of cryptocurrencies.”
They said that criminals have learned to use both new and old techniques to launch attacks with a high degree of success, like the dictionary attacks launched against Bitcoin private keys. They said that traditional phishing attacks are also being used to manipulate computers and steal crypto wallets.
The researchers added:
“And we observed that not only blockchain users are targeted. The primary commercial adopters of blockchain are cryptocurrency exchanges, which have suffered from an unending barrage of successful attacks. Government regulators are struggling to keep up with and understand the legal implications of losses due to cyber attacks.”
Raj Samani, chief scientist at McAfee, explained that like so many other new robust technologies, blockchain could have a revolutionary impact in solving authentic business problems, but only so long as security does not fall victim to the urgency to adopt the technology.
He went on to say:
“Given blockchain’s potential for creating value, and the tremendous enthusiasm to implement it, cybercriminals will seek every opportunity to strike at all available technical and human vulnerabilities in the emerging blockchain ecosystem. Governments, cybersecurity vendors, and businesses must be diligent in understanding the threats and minimizing the risks. Without adequate education for users and industry, secure implementation best practices, and strong technical security standards, the widespread adoption of blockchain by major industries and governments could end up costing billions of dollars and impacting millions of people.”
A separate study by Carbon Black showed that year-to-date, hackers have stolen nearly $1.1 billion worth of cryptocurrencies. According to the US-based cybersecurity company, despite the countermeasures applied by the industry, stealing cryptocurrency is still comparatively easy, with a malware costing just $224 and could go as low as $1.04 if bought on the dark web.