Spotlight on blockchain security

NEW DELHI: Whenever a trend experiences significant growth in terms of users and capital flows, it attracts more bad actors to that space, as new attack vectors are opened up, and cybersecurity practices in new areas are often not fully understood or put in place.

Additionally, some of these trends and technologies are gaining adoption at a rapid rate, increasing the urgency to concurrently adopt good security practices to keep data and crypto assets safe.

Let’s take a quick look at some alarming stats. It is estimated that after every 14 seconds, an individual or company falls prey to a ransomware attack. Small Businesses are the primary targets of Cyber-attacks: Most small businesses continue being the smallest investors in cybersecurity despite making up 13% of the cybercrime market!

With the growing popularity of the metaverse and NFT’s (Non-fungible tokens) come multiple security challenges as well.

Many of the current metaverse projects require that users connect their cryptocurrency wallets to interact with them, as gameplay and interaction need to be attached to a unique identity – that being your wallet’s public address. And, just as in the real world, your wallet is used to purchase items such as land, clothing, art and other things. However, having an attached crypto wallet such as MetaMask is where the security concerns within the metaverse start to take shape, so we’ll have to look at that and other cybersecurity issues within the metaverse.

Of late, there have been countless reports of compromised wallets in the metaverse, which resulted in stolen funds and NFTs. Everything from fake airdrops meant to phish users’ accounts, to compromised keys, the metaverse adds another complex attack vector to the blockchain. Additionally, VR technologies like Oculus and HTC Vive, which will become a centrepiece in metaverse interaction, have also proven to be vulnerable to hacks

NFTs are cryptographic collectable tokens that represent something unique and that cannot be replicated. Over the past couple of years, the market of NFT sales quadrupled to $250 million, and has seen well-known artists such as Beeple selling their crypto art through NFTs for millions of dollars. These large sums of money and new technology have attracted a whole new wave of consumers into the crypto space, and whenever a new technology sector experiences massive growth, cyber criminals are naturally given more opportunities to exploit users.

Recently, OpenSea – the primary marketplace for NFTs – needed to fix a vulnerability in their platform that would let hackers drain users wallets by sending them a maliciously crafted NFT. For instance, you could open up your wallet one day, notice a seemingly free NFT, try to send that NFT out to another wallet or simply interact withit in any way, and from there the hacker could drain funds from the wallet. This hack would work because the user would be exposing their wallet details in the process.

A clear overview of the different blockchain security issues shows the complicity in the existing state of blockchain security. The awareness of vulnerabilities in blockchain security is essential to create better networks and systems. Furthermore, technical advancements such as AI-based solutions for infrastructure, transaction, and code analysis can spell out new trends in blockchain security.

​(The writer is Founder, India Blockchain Alliance)