In the wake of the “51% attack” which infiltrated Ethereum Classic and sent shockwaves around the cryptocurrency community, Coin Rivet spoke with two of the world’s leading cyber security professionals…
A massive cyber attack on Bitcoin is a real prospect that could occur at any time, warn security experts.
Just a week after Ethereum Classic was hacked, resulting in the potential theft of millions of dollars, some of the world’s leading cyber security figures say Bitcoin could easily be targeted next.
The issue, they say, sits within blockchain – the underlying technology of cryptocurrencies, and a digital resource that many regard as the most impervious system available.
Despite its advanced security, however, blockchain contains a flaw which has been a feature of its programming throughout the ten years it has been powering cryptocurrencies like Bitcoin.
“It’s not a bug – it’s an actual feature which lays Bitcoin wide open to attack,” cyber security professional Gareth Niblett said in a Coin Rivet article for the Daily Express.
“It is the Nakamoto consensus mechanism itself, and it’s an inherent feature of the proof of work approach which has existed for the last ten years.”
‘Lost in the bubble’
Mr Niblett, director of the British Business Federation Authority and CEO at security firm Blackarts, explained that the defect in the mechanism is exposed when 51% or more of the miners in any crypto pool are untrustworthy.
“The people who have cared to understand the underlying tech and protocols knew about it, but it has been lost in the bubble,” he added.
“This has been a theoretical concern since the beginning, but nothing has been done about it because it has this false air of impossibility about it, but the threat is real – this could genuinely happen.”
Mr Niblett said that the huge costs involved in an attack would always be considered a barrier to its successful execution, but the fact that the inherent problem exists means the possibility of Bitcoin being attacked can not be ruled out.
“They go for the smaller cryptos because they’re easier to target in this way – as we saw last year with Bitcoin Gold and we’ve now seen this week on a fork of Ethereum,” he said.
“The 51% attack on Ethereum Classic would have cost around 5,000 euros an hour, but to do the same with Bitcoin would cost millions.
“You would need an enormous amount of money to carry out the attack, but that’s not really the point – the point is that there are plenty of unscrupulous people out there with enormous amounts of money, and this inherent feature exposes a huge security risk.
“Bitcoin has many weaknesses in terms of how wallets and exchanges operate, as well as an issue of trust in some of the people who run them – this is a very real risk.
“There is nothing technically to stop an attack of this nature on Bitcoin, apart from moving from proof of work to proof of stake – this is something Ethereum are actually doing to get away from the inherent problems with blockchain.”
The concerns of Mr Niblett were mirrored by another internationally renowned security expert – Ian Thornton-Trump, Head of Cyber Security at AmTrust International.
“Of course Bitcoin is vulnerable to attack,” he told the Express.
“If it is online in any way, shape, or form, cyber criminals, market manipulators, and shady exchanges will profit from others’ misfortunes.”
Mr Thornton-Trump stressed that an incident like the Ethereum Classic attack does seem a little far-fetched for something the size of Bitcoin, but the fact that it is within the realms of possibility means any threat cannot go unchecked.
“I do believe the Bitcoin market and holdings are diverse enough that a 51% attack would be hard or nearly impossible to mount but, in the volatile BTC marketplace, we have seen massive swings as a result of the behaviours of online charlatans proclaiming massive opportunities,” he explained.
“If you have BTC, keep this in mind: There are more people that want to take it from you than want to give it to you. Safeguard your BTC holdings like the precious commodity they are.”
Both experts agreed that the problems with Bitcoin security ran deeper than the blockchain flaw, insisting that regulation would have a part to play in making cryptocurrency a more attractive prospect to the general public.
“Blockchain has no governance, no regulation, and inherent errors,” emphasised Mr Niblett.
“You can’t say this is an alternative to money and then say you don’t want regulation – it is clear that regulation must play a part in the future of cryptocurrencies.”