MIT warns again of blockchain security risks in upcoming report

James is editor in chief of TechForge Media, with a passion for how technologies influence business and several Mobile World Congress events under his belt. James has interviewed a variety of leading figures in his career, from former Mafia boss Michael Franzese, to Steve Wozniak, and Jean Michel Jarre. James can be found tweeting at @James_T_Bourne.

An upcoming report from the Massachusetts Institute of Technology (MIT) will state that publicly reported losses by cyberattacks against blockchain systems since 2011 has exceeded $1 billion.

The finding appeared in an op-ed for the Wall Street Journal written by Stuart Madnick, professor of information technologies at the MIT Sloan School of Management. Madnick noted the upcoming study would analyse 72 cases of publicly reported blockchain system security breaches.

The study comes after an article appeared on MIT Technology Review in February, warning that the purportedly ‘unhackable’ blockchains were getting hacked. The article noted the January case where Ethereum Classic was suspended from Coinbase after irregularities to the tune of more than $1 million were spotted.

Madnick gave the analogy of splitting the atom as defining the difference between the concept of blockchain and the system it resides in. Banks are technically made of atoms, but you don’t have to split the atom to rob a bank. Blockchains can be hacked without having to ‘crack the chain’, as he put it.

The piece explored various stories which exemplified the instability with regards to blockchain technologies and the difficult approaches to security thus far. Regarding the former, Madnick noted his theory that “the easiest way to make money with a startup is to put ‘blockchain’ in the company name.” Regular readers of this publication will know that this craze did not just affect startups; at the start of 2018 Long Island Iced Tea Corp changed its name to Long Blockchain Corp. Nasdaq put a stop to the scheme six months later.

For the latter, Madnick cited the story of QuadrigaCX earlier this year as symptomatic. The Canadian cryptocurrency exchange was unable to access a reported $250m CAD in funds after the sudden death of chief executive Gerald Cotton, who took with him the only passwords to the company’s vaults.

“The bottom line is that while the blockchain system represents advances in encryption and security, it is vulnerable in some of the same ways as other technology, as well as having new vulnerabilities unique to blockchain,” concluded Madnick. “An important notion that our research is intended to dispel is that blockchain technology can protect data from misuse. In fact, human actions or inactions still have significant consequences for blockchain security.”

You can read the full piece here.

Interested in hearing more in person? Find out more at the Blockchain Expo World Series, Global, Europe and North America.


View Comments
Leave a comment

Leave a Reply

Your email address will not be published.