Just the same way sugar attracts ants, so also does any juicy innovation, especially in the financial sector attracts threats. Interestingly, Satoshi’s blockchain technology was aimed at betterment of value exchange and transfer. In terms of more secure, trusted, reliable and immutable exchange. The cryptography of the blockchain technology was designed in such a way that hacking is near impossible. This has proven true to an extent, but in the last couple of years, cryptography related attacks and hacks have been on a crazy trend, sparking curiosity, talks and fears from critics, investors, stakeholders, traders and enthusiasts.
What is a cryptography attack
First and foremost, cryptography is the art of writing or solving codes. That is, encrypting (and decrypting) messages or information. A cryptography attack is the study of the security protocols and setup of a system, technology or network for the purpose of identifying its loopholes and weaknesses in order to gain access for personal and illegal gains. A cryptographic attack is carried out in order to gain access to encrypted message or information.
In the cryptosphere, cyber criminals have been motivated to perform their tricks for a slice of the digital crypto cake. The most threatening is the first DDoS attack on the Ethereum blockchain network which happened sometime in 2016. Another attack worthy of mention is the hack into Slovenian based bitcoin mining marketplace NiceHash which took place in 2017 involving $64Million. Also, Mt.gox had to file for bankruptcy protection in Tokyo after being attacked.
No arguments, if the cryptographic algorithm of a network isn’t well designed, information stored are potentially vulnerable to attack. However, all these attacks have different reasons for its occurrence, although, the main reason being that a scrupulous individual wants to satisfy their greed.
These attacks are known by different terms, some of which are:
- 51% Attack: the blockchain’s immutability edge means records cannot be altered. But a 51% attack can occur when a node or nodes that controls up to 51% hosting power on the network jointly decides to alter a block or transaction. A 51% attack is nearly impossible on a large blockchain network. Here comes the issue of cryptographic attack, the nodes on a blockchain have the potentials of attacking its network. This type of attack is unlikely to happen on a bitcoin blockchain because the attacker also stands to lose.
- Distributed Denial of Service(DDoS): this form of attack is a situation whereby a compromised system infected with Trojan is targeted at a single network and as such both the network and it’s users are denied access into the network for a short period through the use of traffic and multiple sources. During this short period, the hacker(s) direct all funds to his own crypto address. This is the biggest and most disastrous attack that can happen to a network.
- Phishing attack: popular to online, mobile crypto wallets. The most tricky method of stealing wealth. It happens when a false link is sent as message to a user in order to collect user’s data like username, password and other details.
- Cryptoshuffling: another new form of attack exposed by Kapersky. This attack happens when the hacker finds a way to maliciously redirect the address of the receiver’s address to his own. So, funds sent to the receiver’s address automatically gets to the hacker’s address
- Mining malware: because mining bitcoin consumes a lot of power, miners have now resorted to borrowing resources to mine. Malware botnet works more like hacking people’s computer power. They mostly work to mine bitcoins. A big example of this malware attack is the case of when over a million computer powers were hacked to mine.
The effects of any form of attack varies, they are:
- Slow down of transaction processes on the network
- Loss of investments
- End of the project or company bankruptcy
- Exchanges might lose user’s trust and patronage etc
To fix these attacks, only better security approaches can be employed. Although, there are startups that look into attacks and predict attacks, example Checkphishing.
The DDoS attack on the ethereum, according to the company, was as a result of internal attributes. The first was when a geth crashed out because of Memory bug. The larger a network, the less scalable it becomes, and problems of data storage space constraints, will definitely occur. Another problem was the EXTCODE features which naturally comes with each transactions. Ethereum notably carried out a hard fork, generated a new network code and successfully curtailed the situation. Such can be emulated. Also, a provision for storage space to contain all information.
For phishing, it has always been advised that minimum or little funds should be kept in online wallets because anything online is most vulnerable to attacks. Users should store huge funds on other forms of cold wallet, like the hardware wallet especially. Users also should endeavour to frequently update the softwares they use to the latest.
For cryptoshuffling and mining malware, constant check and monitoring on all hardware, CPUs and software should be enforced. The decentralized edge of the blockchain set up has created room for independent practises by miners (mining malware) and users. So, for better security against attacks, companies should go back to the drawing board, learn from past attacks and employ various practicable measures.
