Top 3 types of cyberattacks in blockchain
Since blockchain technology emerged, a surge in cyberattacks has targeted cryptocurrency, sensitive personal data and NFT game spending, causing billions of dollars in losses in recent years.
We previously discussed the strategic business values brought by blockchain technology, data governance changes, and cybersecurity improvement. Now, in our final discussion on blockchain, we will illustrate examples of the top 3 types of cyberattacks and how to avoid them.
1. Exchange Hack
Since 2012, at least 46 cryptocurrency exchanges have suffered significant hacks and nearly $2.66 billion (~£2.3 billion) has been stolen from crypto exchanges.
Binance, the world’s largest crypto exchange, suffered a hack of about $570 million (~£491 million) in Oct 2022. The hack was caused by a bug in the cross-chain bridge’s smart contract that allowed hackers to forge transactions and send money back to their crypto wallet. The company coordinated with Binance Chain validators to enact an upgrade that fixed the bug.
Such a notable attack demonstrates the importance of smart contract security and regular technical audits to ensure the system is as safe and secure as possible.
2. DeFi Hack
The gaming-focused Ronin network announced a loss in USDC and ether (ETH) in March 2022. A breach of secret keys caused the incident. A set of nine secret keys secures the funds on the platform, and unlocking and releasing the funds requires approval by a majority of five of those keys. The hacker found a backdoor in the Ronin Bridge node and gained control of more than half of the validators, then unlocked the vault and withdrew funds valued at more than $620 million.
The company promptly increased the validator threshold from five to eight and migrated their nodes to the new infrastructure.
No wonder the Federal Bureau of Investigation (FBI) asked decentralised finance (DeFi) platforms to strengthen security measures and warned investors against the vulnerabilities in these platforms.
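The five-of-nine approval rule described above, and the later move to a threshold of eight, can be modelled as a quorum check. This is an added example, not code from Ronin or from this article's author: HMAC-SHA256 stands in for the real signature scheme, and the validator names, keys, message and function names are all constructed for illustration.

```python
import hashlib
import hmac

# Constructed validator set: nine validators, each with its own secret key.
# HMAC-SHA256 is an assumed stand-in for the platform's real signature scheme.
VALIDATOR_KEYS = {f"validator-{i}": hashlib.sha256(f"demo-key-{i}".encode()).digest()
                  for i in range(1, 10)}


def sign(validator_id, key, message):
    """Produce one validator's approval over a withdrawal message."""
    return validator_id, hmac.new(key, message, hashlib.sha256).digest()


def count_valid_approvals(message, approvals, keys=VALIDATOR_KEYS):
    """Count distinct known validators whose approval verifies for this message."""
    approved = set()
    for validator_id, tag in approvals:
        key = keys.get(validator_id)
        if key is None:
            continue  # unknown signer: never counts towards the quorum
        expected = hmac.new(key, message, hashlib.sha256).digest()
        if hmac.compare_digest(expected, tag):
            approved.add(validator_id)  # a set, so a repeated signer counts once
    return len(approved)


def withdrawal_authorised(message, approvals, threshold, keys=VALIDATOR_KEYS):
    """Authorise only if at least `threshold` distinct validators approved."""
    if not 1 <= threshold <= len(keys):
        raise ValueError("threshold must be between 1 and the validator count")
    return count_valid_approvals(message, approvals, keys) >= threshold


def demo():
    msg = b"withdraw:vault->0xEXAMPLE:amount=100"  # constructed message
    # Model the incident: five of the nine keys are under one party's control.
    held = list(VALIDATOR_KEYS.items())[:5]
    approvals = [sign(v, k, msg) for v, k in held]
    replayed = approvals + approvals[:3]  # duplicates must not raise the count
    return {
        "threshold_5": withdrawal_authorised(msg, approvals, 5),
        "threshold_8": withdrawal_authorised(msg, approvals, 8),
        "threshold_8_with_duplicates": withdrawal_authorised(msg, replayed, 8),
        "other_message": withdrawal_authorised(b"withdraw:other", approvals, 5),
    }


if __name__ == "__main__":
    print(demo())
```

A higher threshold only helps if the keys are held independently; keys that share one node or one operator fall together regardless of the number required.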
3. Ransomware
Analysis found that businesses in the UK suffered the third highest rate of ransomware attacks in the world, followed by the US and Canada. The attacks hit not just the financial industry but also education, healthcare, the legal profession and the public sector.
One of the most well-known attacks was the outbreak of WannaCry in 2017, adversely affecting more than 200,000 computers in over 150 countries, costing £92 million in the UK and running up £6 billion across the globe. It began with emails that tricked the target audience into opening the attachments which then released the malware onto their system. Once a computer was infected, it would lock up the files and the users could not access them anymore.
The NHS was suspended for several days, affecting at least 80 of the 236 trusts across England, 603 primary care and 595 GP practices. Thousands of appointments and operations were cancelled, and emergency patients had to be urgently relocated from stricken emergency centres. Staff were forced to record everything with pen and paper!
To combat ransomware, a strong line of defence is always appropriate cybersecurity training for staff, such as regularly sending dummy phishing emails to raise their awareness. Blockchain analytics tools can also be implemented to monitor activity and detect ransomware-related patterns.
Conclusion
Blockchain technology has improved cybersecurity across industries but hackers are always looking for ways to unravel high-security systems. Unaudited environments and a lack of cybersecurity training can lead to devastating attacks. We should all constantly update the security layers and keep an eye on hacker trends to block any security breaches.
How CACI can help
Make sure your business is safe from cyber attacks. Our experts monitor the latest cyber threats regularly and can carry out proper technical audits and cybersecurity training for your business.
Get in touch with us today.