Cybersecurity, Pixabay.com
Image: Cybersecurity, Pixabay.com

IBM Security team X-Force Red has announced the launch of a new blockchain security testing service to help businesses identify weaknesses in solutions that incorporate blockchain technology. The new service, called X-Force Red Blockchain Testing, evaluates both the backend processes used to manage blockchain networks and the actual ledger environment to identify exploitable vulnerabilities, covering the whole implementation.

Worldwide spending on blockchain solutions is forecasted to reach US$9.7 billion by 2021, according to a recent report by the International Data Corporation, indicating that blockchain implementations will likely grow exponentially in the years to come. According to IBM, establishing hardened industry standards will be a critical next phase in enabling the widespread enterprise adoption of blockchain.

“While blockchain is a breakthrough for protecting the integrity of data, that does not mean the solutions that leverage it are immune from attackers, which is why security testing is essential during development and after deployment,” said Charles Henderson, global head of IBM X-Force Red.

During a typical blockchain testing engagement, the X-Force Red team, which is comprised of hackers, would break into blockchain networks using the same tools, techniques, practices and mindsets as criminals would use, and assess:

  • Identity and access: X-Force Red will evaluate how permissions to access/add info to the blockchain are administered including password policies, susceptibility to brute force attacks, and the implementation of 2-factor authentication;
  • Public Key Infrastructure (PKI): ensure the secure creation, management, and distribution of digital certificates and keys associated with a blockchain network;
  • Smart contract flaws: perform penetration testing to ensure that smart contracts have no exploitable flaws; and
  • Software supply chain attacks: common libraries and component dependency hacking can be tested during design and implementation to ensure secure dependency signatures and a trust build pipeline.

While the basic concept of blockchain, hypothetically, is very resistant to attacks, it is not invulnerable. Many security experts warn that blockchain implementations bring with them a wide range of dangers that companies need to be aware of.

So far, no report of cyberattacks against enterprises blockchain has been made partly because the technology is still in the development or pilot stages. But attacks on public blockchain projects and cryptocurrency exchanges are common.

In January, Ethereum Classic, the original version of the Ethereum network, came under attack. An unknown perpetrator essentially rolled back and altered transactions on the network, stealing around US$1.1 million worth of the cryptocurrency in a so-called 51% attack.

In total, hackers have stolen nearly US$2 billion worth of cryptocurrencies since the beginning of 2017, mostly from exchanges.

 “The growth of cybercrime has fueled a rise in the number of individuals who can write malicious code, and the dark web gives them the perfect marketplaces to sell them on,” said Rick McElroy, a security strategist at Carbon Black. The expertise the criminals are gaining from these attacks, and the tools that are proliferating in the underground, can be leveraged against enterprise projects, he added.

Attackers began springing 51% attacks in 2018, targeting smaller coins such as Verge, Monacoin, and Bitcoin Gold, and stealing an estimated US$20 million in total.

David Vorick, co-founder of blockchain-based file storage platform Sia, expects 51% attacks to continue to grow in frequency and severity.

About the author

E-Crypto News was developed to assist all cryptocurrency investors in developing profitable cryptocurrency portfolios through the provision of timely and much-needed information. Investments in cryptocurrency require a level of detail, sensitivity, and accuracy that isn’t required in any other market and as such, we’ve developed our databases to help fill in information gaps.

Related Posts

E-Crypto News Executive Interviews

Automated trading with HaasBot Crypto Trading Bots

Blockchain/Cryptocurrency Questions and Answers

What Are E-stablecoins And How Do They Operate?
What Are E-Stablecoins And How Do They Operate?
August 11, 2022
How to Choose a Legit Crypto Casino?
August 5, 2022
Spend Crypto
5 Ways to Spend Crypto
August 2, 2022
What Is A DAO LLC?
What Is A DAO LLC?
August 2, 2022
Can Running A Lightning Node Earn You Passive Income?
Can Running A Lightning Node Earn You Passive Income?
July 5, 2022


CryptoCurrencyUSDChange 1hChange 24hChange 7d
Bitcoin24,039 0.05 % 1.17 % 6.00 %
Ethereum1,901.7 0.22 % 0.25 % 17.94 %
Tether1.001 0.13 % 0.02 % 0.07 %
USD Coin1.000 0.44 % 0.25 % 0.18 %
BNB322.66 0.04 % 1.19 % 3.79 %
XRP0.3735 0.07 % 1.92 % 0.16 %
Cardano0.5320 0.02 % 1.30 % 5.90 %
Binance USD0.9997 0.19 % 0.01 % 0.28 %
Solana42.12 0.56 % 2.22 % 3.81 %
Polkadot9.350 0.17 % 0.34 % 15.40 %

bitcoin
Bitcoin (BTC) $ 24,069.00
ethereum
Ethereum (ETH) $ 1,900.03
tether
Tether (USDT) $ 1.00
usd-coin
USD Coin (USDC) $ 1.00
bnb
BNB (BNB) $ 322.85
xrp
XRP (XRP) $ 0.373666
cardano
Cardano (ADA) $ 0.532521
binance-usd
Binance USD (BUSD) $ 1.00
solana
Solana (SOL) $ 43.18
polkadot
Polkadot (DOT) $ 9.36