With north of $1 billion stolen from cryptocurrency exchanges in 2018 alone, cybersecurity in the space is a pressing issue. From 51% attacks to social engineering, there are plenty of cyber threats in the crypto industry. Here, we’ll look at one of the most common, a Sybil attack, and how it can infiltrate peer-to-peer networks.
What is a Sybil attack?
While the name sounds somewhat amusing, there’s nothing funny about a Sybil attack. It’s a common computer science issue in which one attacker infiltrates an entire network by creating multiple fake identities to act as adversarial nodes.
This is potentially dangerous since it can render the network unusable by other participants by completely taking it over.
Bitcoin expert Brandon Lee explains that Sybil attacks occur when a network of computers is attacked by inserting fake or malicious nodes.
As part of the team who won the £5 million CoinGeek prize for delivering a working token protocol for the Bitcoin SV network and founder of Coinstorage Guru, Lee knows a thing or two about the subject.
“Sybil attacks are either to multiply the amount of work needed to propagate data or to actively insert fraudulent information into the network data stream”, he says.
Why are peer-to-peer networks so susceptible?
Pelicoin is the Gulf South’s largest and most secure cryptocurrency ATM network. The team explains: “Peer-to-peer networks are particularly susceptible to a Sybil attack because of their decentralised, distributed nature”.
Local nodes within a peer-to-peer network replicate data to improve security and increase availability. For replication, this data must be placed on remote nodes. A Sybil attack infiltrates the network because a local node cannot distinguish if a remote node is honest.
“During a Sybil attack”, Pelicoin comments, “the local node believes it is placing data on several distinct remote nodes. But in reality, it is communicating with a single remote node that is presenting multiple fake identities. In this way, an attacker can control a significant swath of the system”.
Lead engineer at Singapore-based blockchain company Rate3 Wai Hon further explains why peer-to-peer networks are so at risk:
“In peer-to-peer networks, communication is open, and group-based decisions can be affected by Sybil attacks when multiple fake identifications broadcast the same message, thus reinforcing the desired message simply through the principle of majority rule. Also, a Sybil attack can take place in the form of a siege on an honest entity in order to influence the information from that entity to other entities in the network”.
But how about Sybil attacks when it comes to blockchains?
If you’re wondering whether it’s possible for a Sybil attack to infiltrate a cryptographically secure network such as a blockchain, you’ll be pleased to know it’s significantly harder. This is partly because the cost of the attack renders it impractical in most scenarios.
Wai Hon states: “There is usually a ‘cost’ levied on entities in the process of account creation (minimum balance) or when transferring cryptocurrencies (for example, Gas fees on Ethereum)”.
However, blockchains are not immune to Sybil attacks, and they can undermine reputation scores. “Anyone can create unlimited accounts to prop each other and their reputation scores up”, Hon explains.
“With the support from these bad actors, the influence attributed to a single entity can be blown out of proportion, and this, in turn, allows that entity to manipulate data, and release fake news that appears credible”.
But since blockchain data is impossible to fake, Sybil attacks have limited effect. In fact, Lee remarks that the worst that a Sybil attack can do on a current network is “to insert easily detected fake data such as large transactions that do not validate, or blocks that contain bad information”.
The solution to Sybil attacks on blockchains
The Bitcoin network was designed to be Sybil resistant. And other cryptocurrencies such as Bitcoin SV have solid plans in place to prevent them. In the case of Bitcoin SV, Lee says:
“Mining nodes (which are the computers that build Bitcoin blocks) are starting to insert identifiers in blocks that they create, giving users the ability to know that their queries are being directed to a hash strong miner, and ensuring that the information they receive cannot be impacted by any Sybil attack”.
While this approach does not necessarily identify who the miners are (although they can), it provides an access point to a known real node on the network.
“Users who leverage this information (which is stored in the Coinbase transaction of each block) will be able to directly make requests from mining nodes, making them immune to any Sybil attack on the network”.
Disclaimer: The views and opinions expressed by the author should not be considered as financial advice. We do not give advice on financial products.