GENEVA -- While blockchain proponents rave about the distributed ledger’s security, no technology is completely secure. During a discussion on cybersecurity at Sibos 2016, Dow Jones’ Head of Technology Platform Grant Allen noted one of blockchain’s vulnerabilities is “hidden in plain sight.”
Allen noted that, “the whole premise of blockchain is that each stage of every transaction is cryptographically generated and protected, and anyone can verify those transactions. To insert a fraudulent transaction is immediately noticed.” But while it’s easy to spot someone attempting to tamper with the very “end” of the ledger, you could—with enough money and resources—change the ledger itself.
Such a hack is possible with access to a data center, along with a power station, Allen said. “So when you’re sitting there doing your job, have you ever even thought about who owns the power station the runs the data center that runs all of my banking systems or all of my finance systems? If you haven’t already thought of it, I suspect that you might start thinking of it now,” he said. “Now, these aren’t easy things to get your hands on, but there are several players who do have access to them. In fact, there are 8.5 million data centers worldwide and over 62,000 power stations and over 700 cryptocurrencies. Keeping track of all of the players across all of these is a daunting task.”
Rob Sloan, head of cyber content and data for Dow Jones, added that a government could hypothetically feel it’s worth hitting blockchain if that’s all it takes to undermine complete confidence in all cryptocurrencies. “That might be worth a billion dollar investment for a government because suddenly now no one trusts cryptocurrencies,” he said.
Right now though, Allen believes the greater threat will come from botnets—vast networks of computers infected with malware and are controlled without the users’ knowledge. Botnets theoretically possess the power to hack technology like blockchain. “Rather than a single source of power, it’s distributed across tens or hundreds of thousands of actors who would have no inkling that they’re being co-opted into effectively rewriting an entire blockchain from scratch,” he said.
Allen added that blockchain technology is very well thought out and very secure. “But the hurdle that was set up in the design initially was that you have to be willing to burn through all of that effort to even let one fraudulent transaction through and the argument was, that no one would go to that length. Who would spend millions or billions to be able to defeat security?” he said. “But as the adoption rises and the value of what is represented in those ledgers rise, then that attracts more interests from all kinds of parties.”