Most people still only associate blockchain technology with electronic currencies. Certainly, Bitcoin and other alternative currencies have gained the most public attention. It's important to realize that the underlying technology has already been used for much more than currency trading. It's being used for everything from trading solar energy in private coops to passing around contracts in businesses.
Harvard Business Review scholars predict that blockchain tech could eventually prove more valuable than Bitcoin. Of course, they point out that this form of distributed processing and record keeping can only live up to its potential if people are certain that it's secure. Today, some of the things about this new technology that have attracted users are also the things that may make it vulnerable.
How Vulnerable is Blockchain Tech?
To understand blockchain vulnerabilities, it might help to review a brief summary of how it works differently that typical computer systems:
- Today's systems usually use centralized data repositories. A central authority retains control over that data.
- With blockchain, the database is distributed across nodes. The information is accessible to all users, and there isn't a central authority. Instead, various users gain access via a complex, unique address. As transactions occur, they are transferred from the original node to all of the other nodes.
- Each user is responsible for his or her own security and data storage.
Obviously, the attraction of the alternative currencies that rely upon blockchain is that they aren't governed by a central authority and can be conducted anonymously. At the same time, concerns over the vulnerability caused by that lack of a control user and relative anonymity appear justified. According to the Harvard Business Review article cited above, more than $950 million in value may have been lost due to accidental losses and intentional thefts by Bitcoin alone.
What Makes Blockchain Insecure?
Again, people, cooperatives, and even businesses are using blockchain for more than currency transactions. Still, alternative currency still gets the most press. It has certainly made the news for a number of high-profile losses. This isn't meant as an attack on alternative currencies. The very popularity of electronic currency explains why it provides the best examples of losses. Other applications just haven't been tested that much.
Basically, losses fall into two categories; these are online crime and accidental losses:
- Cyber crime: Hackers break into computers and even cell phones to steal the identification codes that give them access to electronic currencies. Online thieves don't just target individual traders; there have also been a number of cases where online wallet services have been attacked and emptied. Both people and commercial enterprises have served as targets.
- Unintentional losses: Accidental losses occur more often with individuals who store their own digital wallets on their own devices. Information might be stored on a disk drive that failed or was damaged in an accident or storm. Certainly, these former owners of electronic currency could have backed up their information, but like many computer users, they failed to do so.
The public and anonymous nature of most blockchain applications makes them vulnerable. Anybody can participate, and they can keep their identity a secret. This puts the responsibility for securing and backing up information on the shoulders of both personal and commercial users. In other words, almost all losses can be traced down to human errors. This may also include the failure of security to keep up with savvy internet criminals.
Is it Possible to Secure Blockchain?
For most of today's applications, there's no way to recover a stolen or lost identity key. Since the right credentials can verify a transaction, there's also no way for users to recover losses from theft. These characteristics of public blockchain don't really have to be inherit to the technology; they may just be critical parts of the current applications.
For instance, many electronic currency users want to stay anonymous and to assume responsibility for their own data. This is all part of the way that these particular applications have been designed; however, all blockchain applications don't have to function this way. It's even possible that a new electronic currency that eliminated some of these vulnerabilities might attract some people. These people might not worry as much about remaining anonymous as they are about security and recoverability.
One solution that corporations have explored is a private blockchain with its own programmable features and rules. Organizations can determine which nodes to allow to enter their system, and they can also require specific backup, verification, and even data recovery rules. Eliminating blockchain vulnerability will depend upon some changes to the software. Mostly it will reply upon people who create and enforce good governance policies.
Who Can Create a Secure Blockchain?
In the future, blockchain technology might change the way that many organizations use computers to process transactions and store information. Keeping these systems secure will certainly require the right IT people, but these changes are also likely to impact other departments, including finance, legal, and accounting.
At ICS, we help companies find the right people to help improve and secure their technology. Call upon us right away to tell us who you need. You can rely upon us to do the rest.