Researchers find cyberthreats call into question blockchain security in critical infrastructure
Miners who use computation to verify transactions via blockchain technology could be at risk, according to a joint study from Australia and Iran.
A study by the Charles Darwin University (CDU) and the University of Tehran found that cybercriminals are using blockchain to trick miners into running cryptocurrencies.
Miners who receive cryptocurrency as payment can be attacked by criminals who want to steal some of their computing power.
Professor Mamoun Alazab said this new attack method against blockchain is concerning because of its high success rate, especially when blockchain technology is used in critical infrastructure.
“Misleading attacks are orchestrated by someone redirecting the computing power of some miners to another chain, so an attacker can overtake the main chain and make that fork the dominant chain. I can,” he said.
Miners are typically rewarded for using their computational power to validate transactions on a particular blockchain.
“Chains where miners are misguided are designed to lose competition, and so is the main chain. All because the attacker’s chain wins and becomes dominant.
“This vulnerability could also facilitate the success of other types of blockchain attacks,” explains Professor Alazab.
How will this affect cryptocurrencies?
According to Professor Arazab, Bitcoin, like any other cryptocurrency, is not secure against any kind of attack.
“However, this new and misleading attack, along with well-known attacks that have cost millions of dollars, are linked to the fact that blockchain technology, and Bitcoin in particular, is not as secure as we think it is, or is critical infrastructure. It indicates that it should be used in a structure.”
The study found that Bitcoin’s blockchain technology is vulnerable, while Ethereum’s blockchain technology makes misleading attacks impossible because of its tracking system.
Dr. Ghader Ebrahimpour and Dr. Mohammad Sayad Haghighi also participated in the study at the University of Tehran.
“Unless preventive or compensatory measures are taken, this attack could undermine confidence in blockchain security and reduce its value,” Dr Ebrahinpour said.
Blockchain miners have been warned of the impact of their work when used in financial systems and critical infrastructure.
Professor Arazab says there may be different solutions to this threat.
“One is to change the design to remove block rewards, after which miners should receive their rewards from transaction fees.
“The concept of an uncle block reward, similar to Ethereum, also helps mitigate the problem,” he said.
