Blockchain attack vectors
A blockchain can be attacked in a number of different ways. Many of the best-known attacks target either the protocol design itself (such as the 51% attack on consensus) or smart contracts (such as reentrancy and access control vulnerabilities).
However, even a protocol that is secure on paper can be vulnerable once it is implemented. Blockchains run on ordinary computers and networks, and attacks at this infrastructure layer can undermine the security of the blockchain system itself.
Attacks against blockchain nodes
Like the internet, a blockchain is ultimately software: node implementations run on ordinary computers, process data and communicate with each other according to predefined protocols. An attacker can exploit a blockchain network's reliance on that software and hardware by:
- Exploiting software misconfigurations: Blockchain node software is often designed to interface with external systems such as wallet software or enterprise resource planning (ERP) systems, typically through an RPC or API endpoint. If a node exposes such an interface without properly protecting it (e.g., it is bound to a public address with no authentication and no firewall in front of it), an attacker may be able to connect to the node's software and take control of the accounts it manages.
- Executing Denial-of-Service (DoS) attacks: A blockchain is designed to be resilient to DoS because no single node in the network is essential. However, individual nodes can still be targeted, and attacks on them still affect the security of the blockchain. An attacker can perform a traditional network-based DoS or consume a node's computational or storage resources (for example, by flooding it with messages or transactions that are expensive to validate or store), degrading its ability to maintain a copy of the distributed ledger or to participate in consensus.
- Performing transaction-based injection attacks: Injection attacks exploit insufficient input validation by supplying malformed or malicious input. Blockchain nodes are designed to process large amounts of untrusted data in (Read more…)
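The exposed-interface misconfiguration in the first bullet is, in practice, usually an RPC endpoint that the operator bound to a public address and left unauthenticated. The following is an added example, not code from the original article or from any node project: a small Python audit that asks an Ethereum-style JSON-RPC endpoint which namespaces it dispatches and ranks the exposure. The method names (`web3_clientVersion`, `eth_accounts`, `personal_listAccounts`, `admin_nodeInfo`) are real Ethereum JSON-RPC methods; the severity ranking, the `FakeNode` class (a constructed stand-in so the check runs offline) and the endpoint URL in `http_rpc_call` are this example's own assumptions.

```python
"""Probe an Ethereum-style JSON-RPC endpoint for over-exposed namespaces.
Added example, not code from the original article. The method names are real
Ethereum JSON-RPC methods; the severity ranking and FakeNode are constructed."""
import json
import urllib.request
from typing import Any, Callable, Dict, Optional

METHOD_NOT_FOUND = -32601  # JSON-RPC 2.0 error code for an unknown method

# One side-effect-free probe per namespace. A result, or any error other than
# "method not found", proves the endpoint dispatches that namespace to callers.
PROBES = {
    "web3": "web3_clientVersion",         # harmless; confirms a node RPC answers
    "eth": "eth_accounts",                # accounts whose keys the node holds
    "personal": "personal_listAccounts",  # account management: unlock/sign/send
    "admin": "admin_nodeInfo",            # peer and network management
}

RpcCall = Callable[[str, list], Any]


class RpcError(Exception):
    def __init__(self, code: Optional[int], message: str):
        super().__init__(f"{code}: {message}")
        self.code = code


def http_rpc_call(url: str, timeout: float = 5.0) -> RpcCall:
    """Transport for a real endpoint (hypothetical URL, e.g. http://127.0.0.1:8545)."""
    def call(method: str, params: list) -> Any:
        body = json.dumps({"jsonrpc": "2.0", "id": 1,
                           "method": method, "params": params}).encode()
        req = urllib.request.Request(url, data=body,
                                     headers={"Content-Type": "application/json"})
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            reply = json.loads(resp.read())
        if "error" in reply:
            raise RpcError(reply["error"].get("code"), reply["error"].get("message", ""))
        return reply.get("result")
    return call


def probe_namespaces(call: RpcCall) -> Dict[str, Any]:
    """Return {namespace: result} for each namespace the endpoint dispatches."""
    reachable: Dict[str, Any] = {}
    for ns, method in PROBES.items():
        try:
            reachable[ns] = call(method, [])
        except RpcError as e:
            if e.code != METHOD_NOT_FOUND:
                reachable[ns] = None  # method exists but failed: still exposed
    return reachable


def assess(reachable: Dict[str, Any]) -> Dict[str, Any]:
    """Rank the exposure; the ranking is this example's own, not a standard."""
    rank = {"none": 0, "info": 1, "high": 2, "critical": 3}
    findings = []  # (level, reason)
    if reachable:
        findings.append(("info", "JSON-RPC reachable: DoS and information-disclosure surface"))
    if "admin" in reachable:
        findings.append(("high", "admin namespace reachable: peer set can be manipulated"))
    if reachable.get("eth"):
        findings.append(("high", f"node holds {len(reachable['eth'])} account(s); "
                                 "eth_sendTransaction works on any that are unlocked"))
    if "personal" in reachable:
        findings.append(("critical", "personal namespace reachable: remote callers "
                                     "can unlock accounts and sign transactions"))
    severity = max((lvl for lvl, _ in findings), key=rank.get, default="none")
    return {"severity": severity, "findings": [why for _, why in findings]}


def audit(call: RpcCall) -> Dict[str, Any]:
    return assess(probe_namespaces(call))


class FakeNode:
    """Constructed stand-in for a node's HTTP RPC so the audit runs offline;
    `apis` mirrors the namespaces an operator enables on that endpoint."""
    def __init__(self, apis, accounts=()):
        self.apis, self.accounts = set(apis), list(accounts)

    def __call__(self, method: str, params: list) -> Any:
        if method.split("_", 1)[0] not in self.apis:
            raise RpcError(METHOD_NOT_FOUND, f"the method {method} does not exist")
        if method == "web3_clientVersion":
            return "FakeNode/v0.1"
        if method in ("eth_accounts", "personal_listAccounts"):
            return self.accounts
        if method == "admin_nodeInfo":
            return {"enode": "enode://constructed@127.0.0.1:30303"}
        raise RpcError(-32000, "not implemented by FakeNode")


if __name__ == "__main__":
    # Misconfigured: every namespace on the HTTP endpoint and keys on the node.
    print(audit(FakeNode({"web3", "eth", "personal", "admin"}, accounts=["0xc0"])))
    print(audit(FakeNode({"web3", "eth"})))  # hardened: default read namespaces only
```

Against a node you are authorised to test, run `audit(http_rpc_call("http://host:8545"))`; the probes are read-only. A reachable `personal` namespace, or a non-empty `eth_accounts` on a node bound to a public address, is exactly the "take control of the accounts" scenario in the bullet above. The fix is to bind the endpoint to loopback (Go Ethereum, for instance, binds its HTTP endpoint to localhost and enables only eth, net and web3 by default), enable only the namespaces the external system needs, put authentication or a firewall in front of anything that must be reachable, and keep signing keys off internet-facing nodes altogether.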
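The resource-exhaustion variant of the DoS bullet above (a peer flooding a node with messages that are expensive to validate or store) is what per-peer admission control in a node's P2P layer is meant to absorb. The following is an added example, not code from the original article or from any real node implementation: each peer gets its own byte budget (a token bucket) and a cap on messages awaiting validation, so a flooding peer is throttled and then dropped while honest peers keep being served. The class names, the limits and the `FakeClock` used to make the simulation deterministic are all this example's own assumptions.

```python
"""Per-peer admission control for inbound node messages.
Added example, not code from the original article or any real node. Limits
are illustrative; FakeClock is constructed so the simulation is deterministic."""
import time
from collections import defaultdict
from typing import Callable, Dict, Set


class TokenBucket:
    """Allows `rate` bytes per second sustained and at most `burst` bytes at once."""
    def __init__(self, rate: float, burst: float, now: float):
        self.rate, self.burst = rate, burst
        self.tokens, self.updated = burst, now

    def take(self, cost: float, now: float) -> bool:
        elapsed = max(0.0, now - self.updated)
        self.tokens = min(self.burst, self.tokens + elapsed * self.rate)
        self.updated = now
        if cost > self.tokens:
            return False
        self.tokens -= cost
        return True


class InboundGate:
    """Decides, per peer, whether an inbound message is queued for validation."""
    def __init__(self, rate: float = 64_000, burst: float = 256_000,
                 max_pending: int = 100, strikes_to_ban: int = 20,
                 clock: Callable[[], float] = time.monotonic):
        self.rate, self.burst = rate, burst
        self.max_pending, self.strikes_to_ban = max_pending, strikes_to_ban
        self.clock = clock
        self.buckets: Dict[str, TokenBucket] = {}
        self.pending: Dict[str, int] = defaultdict(int)  # queued for validation
        self.strikes: Dict[str, int] = defaultdict(int)  # budget violations
        self.banned: Set[str] = set()

    def admit(self, peer: str, msg_len: int) -> str:
        """Return 'accept', 'throttle' or 'banned' for one inbound message."""
        if peer in self.banned:
            return "banned"
        now = self.clock()
        bucket = self.buckets.get(peer)
        if bucket is None:
            bucket = self.buckets[peer] = TokenBucket(self.rate, self.burst, now)
        # The queue cap is checked first so that a slow validator cannot be
        # buried even by a peer whose byte rate stays within budget.
        if self.pending[peer] >= self.max_pending or not bucket.take(msg_len, now):
            self.strikes[peer] += 1
            if self.strikes[peer] >= self.strikes_to_ban:
                self.banned.add(peer)
                return "banned"
            return "throttle"
        self.pending[peer] += 1
        return "accept"

    def validated(self, peer: str) -> None:
        """Call when a queued message finishes validation to free its slot."""
        self.pending[peer] = max(0, self.pending[peer] - 1)


class FakeClock:
    """Constructed clock: time only moves when the caller advances `now`."""
    def __init__(self, start: float = 1000.0):
        self.now = start

    def __call__(self) -> float:
        return self.now


def simulate_flood(clock: Callable[[], float] = None) -> Dict[str, Dict[str, int]]:
    """A flooding peer sends 1000 x 10 kB messages in an instant, then an
    honest peer sends 5 x 1 kB. Returns per-peer outcome counts."""
    gate = InboundGate(clock=clock or FakeClock())
    outcome = {"flooder": defaultdict(int), "honest": defaultdict(int)}
    for _ in range(1000):
        outcome["flooder"][gate.admit("flooder", 10_000)] += 1
    for _ in range(5):
        outcome["honest"][gate.admit("honest", 1_000)] += 1
    return {peer: dict(counts) for peer, counts in outcome.items()}


if __name__ == "__main__":
    print(simulate_flood())
```

With the illustrative limits the flooder gets 25 messages through (its 256 kB burst), is throttled for the next 19, and is banned from the 20th violation on, while the honest peer's five messages are all accepted. The two knobs interact deliberately: the byte bucket bounds bandwidth and storage churn, and the pending cap bounds CPU spent on validation, which is the resource an attacker targets with cheap-to-send, expensive-to-verify messages. Real nodes additionally need a global cap across all peers, since a Sybil attacker can open many connections to multiply a per-peer budget.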