Blockchain can be described as a “large” ledger of accessible and verifiable accounts which is deployed on the Internet. This is due to the fact that it relies on a very large number of distributed computing resources around the world, called “nodes”, which are involved in the operation of the network. In the case of a public blockchain, everyone can contribute: all that is required is a computer with sufficient power and the ability to run the appropriate code.
Code execution means compliance with the rules of blockchain management. The task of these participants is to collect transactions issued by their clients, combine them into a structure called a “block” and check the blocks before writing them to the blockchain. As we know from the descriptions of blockchain projects on Coinmarketrate.com the blockchain can have a size of hundreds of gigabytes, and be duplicated many, many times over the Internet, which makes it very accessible.
Types of attacks and methods of protection
One of the advantages of blockchain technology is its increased security and resistance to cyber attacks. However, its open source code makes it an open target. Let’s look at three popular threats and ways to prevent them.
Examples of blockchain attacks range from traditional and common threats faced by all network platforms to unique and specific attacks on the blockchain. Before we look in more detail at the types of attacks, it is worth identifying 4 elements of the blockchain that may face vulnerabilities:
- Blockchain Nodes
- Smart contracts
- Consensus mechanisms
Distributed Denial of Service (DDoS)
Distributed denial of service (DDoS) occurs when an attacker floods a server or network with requests and traffic. A DDoS attack is aimed at slowing down or disabling the system. Any form of online platform can be vulnerable to DDoS attacks, including corporate websites and servers.
In particular, in the blockchain, a DDoS attack can overload the system with incoming bits of data, which can force it to shut down for further use of its computing power. Thus, the blockchain server may lose connection with all cryptocurrency exchanges, online cryptocurrency wallets or other connected applications.
There are several high-profile cases when attackers used DDoS principles to gain access to cryptocurrency exchanges. In the period from November to December 2017, the popular Bitfinex exchange was subjected to a successful DDoS attack three times, as a result of which the attackers stopped the operation of the exchange. In both blockchain and non-blockchain DDoS attacks, request overload comes either from a single person or from a small number of unique sources (which can be tracked by IP addresses).
How to prevent a DDoS attack on the blockchain
As a rule, DDoS attacks are carried out via centralized network functions, for example, a single Internet connection point. Since the public blockchain is already a decentralized system connected to multiple nodes, a DDoS attack requires access to multiple nodes at the same time in order to cause significant damage to the network.
This makes tracking a DDoS attack much more complex and time-consuming, compared to other methods of attacks on the blockchain. In 2016, the Ethereum blockchain became a victim of a DDoS attack, which significantly increased the time required to create and verify blocks. In response, the Ethereum development team made changes to the mining software, which reduced the gas limit and increased the time for creating new blocks.
DDoS attacks are prevented by further decentralizing the network. This will not only reduce the power of a DDoS attack, but also provide bandwidth for other specific servers exposed to attacks without compromising the entire chain. Even if specific nodes are compromised, taken offline or disabled, the blockchain can continue to function and confirm transactions. Broken nodes can be restored and synchronized with unaffected nodes.
As mentioned earlier in this article, a key characteristic of blockchain security is its decentralization and the ability of nodes to reach consensus. For example, the Proof of Work algorithm used in the Bitcoin blockchain forces all network participants to follow the same rules and protocols when miners introduce new blocks that are verified by nodes.
The decentralized element of the blockchain ensures that no single individual or centralized entity can influence the activities of the blockchain outside of the PoW consensus.
In a typical blockchain network, new coins/tokens are unlocked by computers/miners who compete with each other in finding solutions to hash problems. As soon as the miner successfully enters the correct hashing combination, it is verified by the nodes and distributed throughout the network.
A 51% attack occurs when an attacker or a group of individuals gains control over more than 50% of the hashrate of the blockchain network. By controlling 51% of the hashrate, attackers can influence other blocks in which their transactions are stored. Figure 1 shows how the 51% attack occurs. Let’s assume that the attacker has his transactions in a legitimate chain, where he sends transactions to exchanges, traders, etc., on the basis of which he receives services.
Among the most important incentives that encourage attackers to commit an Attack, 51% is the possibility of “double spending”. Double spending occurs when an attacker controls more than 51% of the hash power, and can create a copy of the transaction and add it to the blockchain. At the same time, previous transactions are deleted from the network as if they never existed.
This, in turn, means that attackers can spend their tokens repeatedly by deleting other blocks.
There have been several 51% attacks in recent years. The attackers managed to fraudulently steal ETC in the amount of more than $ 8 million. The most recent 51% attack was carried out on Ethereum Classic, where attackers were able to “reorganize” more than 7000 blocks. This was already the third 51% attack that the blockchain has faced recently, and now the ETC blockchain is testing a strategy to stabilize networks by lowering the hashrate to avoid future attacks. Other important attacks affected:
- The Ethereum Classic attack in 2019 with a loss of $1.1 million.
- Verge 51% attacks in 2018 with a loss of $1.75 million. During 2018, Verge was attacked again with damage amounting to 1.1 million US dollars.
- In January 2020, the Bitcoin Gold blockchain became the target of hacking, as a result of which attackers twice spent Bitcoin Gold in the amount of more than $ 85,000. Some have suggested that the attackers were able to obtain energy for mining through the online market “NiceHash”. Currently, NiceHash allows users to rent energy for mining more than 33 basic blockchain algorithms.
How to prevent a 51% Attack
A blockchain using the POW consensus algorithm is vulnerable to 51% attacks, since the network is accessible to everyone, including intruders. The lower the hashrate of the blockchain, the easier it is for an attacker to gain a majority advantage. Popular blockchains, such as Bitcoin or Ethereum (both with the PoW algorithm), have a very low risk of vulnerability to an attack of 51%, since obtaining 50% of their networks will require an unrealistic amount of computing and energy resources. In general, the higher the hashrate, the more difficult it is to carry out a 51% attack.
Sybil attacks manipulate online systems when a user tries to overload the network by using multiple profiles. In particular, for blockchain, Sybil attacks are attacks in which a user tries to execute multiple nodes in a blockchain network.
A successful Sybil attack on the blockchain can force the network to influence other nodes (if they can create enough nodes). By controlling nodes, Sybil attackers can prohibit the transfer of blocks, effectively preventing users from adding data to the network.
It is important to add that Sybil attacks can lead to an attacker (or a group of them) controlling a large part of the blockchain network. Thus, they can carry out a 51% attack, during which they can manipulate transactions, and even force double spending.
How to prevent a Sybil attack
Although consensus algorithms do not prevent Sybil attacks, they make it difficult and impractical for an attacker to carry out such an attack. For example, launching full-fledged mining nodes in the Bitcoin network requires significant hash power from the attacker, which means that the cost of the attack is high, and the expected reward from it may not compensate for these costs. Therefore, it is in the interests of the attacker to continue mining in an honest way.
In addition to the POW and PoS consensus algorithms, the blockchain can prevent Sybil attacks by directly and indirectly verifying new and existing members. Direct validation allows existing blockchain participants to verify new participants joining the network, and indirect validation allows existing blockchain participants to grant authorization rights to other participants.
In this article we have focused on three well-known attacks, and in the following articles we can consider less common, but very effective attacks. With the growing popularity of platforms like NiceHash, attackers can rent mining energy to carry out attacks like the 51% attack, having much less of their own mining energy and experience.
The decentralized and censorship-resistant nature of public blockchains also means that the attack surface is larger. Blockchains such as Bitcoin and Ethereum are becoming increasingly difficult to attack, while vulnerabilities in smaller blockchains continue to be exploited.